This applies to Linux systems with BoKS running.

Description

Sometimes third party software makes additions to /etc/pam.d/ directory.

Resolution / Workaround

 

If the software that changes the /etc/pam.d/ is installed either before BoKS is installed or while BoKS is not active, it will automatically be taken care of, and this will not be lost during BoKS upgrades or re-installation. This is because sysreplace replace will find the files and create links into ${BOKS_etc}/pam.d/ directory.

 

If the software is installed while BoKS is active, the new file will not be copied back to /etc/pam.d..org/ . This could cause the application to fail:

  1. When BoKS is not active
  2. When BoKS is re-installed
  3. When BoKS is upgraded

The solution is to have the local system administrator copy the new file from the ${BOKS_etc}/pam.d/ directory to the /etc/pam.d..org/ directory.

 

To assist you in identifying such occurrences, BoKS file monitoring will catch changes to this file (as defined in ${BOKS_lib}/filmon.boks). It will monitor /etc/opt/boksm/pam.d/ for changes - including new files. If it finds a new file, then a LOG message will be created similar to the following:

 

03/19/15 16:54:21 master66 - root filmon New file /etc/opt/boksm/pam.d/scx

 

Additionally, you can configure an alarm event to be triggered when new files are detected in the directory.

 

BoKS Manager version 7.0 and later:

 

The default alarmlog config table (Table 27 = alarmlog.dat) has "filmon_newfile" defined in it. Thus, this will trigger an alarm event. If you are using the alarmlogs functionality of BoKS, you can monitor for this and trigger an alarm. When this happens, you will have to have some procedure to inform the local system administator to copy the file from /etc/pam.d/ (which is link to ${BOKS_etc}/pam.d) to /etc/pam.d..org/ .

 

If you are not using the alarmlog redirection you can still report on alarm events with bokslogview LABEL=filmon_newfile to display only new files found. You can set up periodic runs of this to look for the condition.

 

BoKS Manager 6.7.x and earlier:

 

The default alarmlog config file (${BOKS_etc}/alarmlogs) has "filmon_newfile" defined in it. Thus, this will trigger an alarm event. If you are using the alarmlogs functionality of BoKS, you can monitor for this and trigger an alarm. When this happens, you will have to have some procedure to inform the local system administator to copy the file from /etc/pam.d/ (which is link to ${BOKS_etc}/pam.d) to /etc/pam.d..org/ .

 

If you are not using the alarmlog redirection you can still report on alarm events with bkslog -T "New file" to display only new files found. You can set up periodic runs of this to look for the condition.


Still have questions? We can help. Submit a case to Technical Support.

Last Modified On: November 15, 2019