
Indexing in a non-standard partition on RHEL


Article ID: 162605


Updated On:


Data Loss Prevention Enforce


The customer has chosen to use a non-standard partition for DLP. Symbolic links are in place so that DLP works correctly, but indexing (EDM/IDM) does not work.

SEVERE [com.vontu.manager.struts.ProtectActionProcessor] access denied ("" "<path>/datafiles/upload_temp" "write")
Cause: access denied ("" "<path>/datafiles/upload_temp" "write")


SEVERE [com.vontu.profiles.manager.database.DataSourceIndexCreator] Unexpected exception while creating EVENT_PARAMETER_I18NKEY##profiles.message.Exact_Data_Profile_Version##<EDM Name>##<version>
Cause: access denied ("" "<path>/index/DataSource.x.x.idx" "delete")


SEVERE [com.vontu.profiles.manager.database.DataSourceIndexCreator] Unexpected error occurred while creating EVENT_PARAMETER_I18NKEY##profiles.message.Exact_Data_Profile_Version##5##1. access denied ("" "<path>/index/DataSource.x.x.idx" "delete")


Even though symbolic links have been created and DLP is functioning fine, the underlying Java architecture cannot follow symbolic links for file/directory operations (such as write or delete). This can be proven by creating the expected folder structure, putting the source files in place, and attempting an index again (it will succeed). The fix is two-fold: first we need to tell DLP where to look for index data, then we need to tell Java it has the needed permissions.


In order to index in a non-standard partition/directory setup we need to modify the manager.policy file as well as the file.

We will need to give Java permission to operate in the new folder.  To do this, find the two entries for:
permission "/var/SymantecDLP${/}-", "read,write,delete";


Copy this line and paste it immediately below. In the copy, replace "/var/SymantecDLP" with the path of the new partition. Do this for both entries. Example:
permission "/var/SymantecDLP${/}-", "read,write,delete";
permission "/data/SymantecRULES${/}-", "read,write,delete";

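Make sure to keep the ${/}- at the end of the path: ${/} expands to the platform's file separator, and the trailing - applies the permission recursively to everything under the directory.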

Save and close the file.
Modify the following entry:

# location of the EDM and IDM RAM index files (.rdx)
com.vontu.index.dir = /var/SymantecDLP/index


Change it to:
com.vontu.index.dir = /path/to/new/partition

Best practice is to create a backup. The easiest way is to copy and paste the line, comment out the original, and modify the copy. Example:
#com.vontu.index.dir = /var/SymantecDLP/index
com.vontu.index.dir = /data/SymantecRULES/index

Save and close the file.

Restart VontuManager and VontuMonitorController services.
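
A check that can be run before restarting the services, added here as an example (it is not part of the original article or of Symantec's tooling): it reads the active com.vontu.index.dir value and confirms that the directory falls under a recursive read,write,delete grant in the policy file. The function names and sample file names are assumptions, and the sample file contents are constructed from the lines shown above.

```shell
# Added example, not vendor code: verify that the directory named by
# com.vontu.index.dir falls under a recursive read,write,delete grant.

# Active (uncommented) value of com.vontu.index.dir in a properties file.
index_dir() {
    sed -n -e 's/[[:space:]]*$//' \
        -e 's/^[[:space:]]*com\.vontu\.index\.dir[[:space:]]*=[[:space:]]*//p' "$1" | tail -n 1
}

# Directories granted "read,write,delete" recursively (path ends in ${/}-).
granted_dirs() {
    grep -v '^[[:space:]]*//' "$1" | grep -F '"read,write,delete"' |
        sed -n 's|.*"\([^"]*\)\${/}-".*|\1|p'
}

# 0 = index dir is at or beneath a granted directory, 1 = not granted,
# 2 = property missing. Usage: index_dir_is_granted <policy> <properties>
index_dir_is_granted() {
    idx=$(index_dir "$2")
    [ -n "$idx" ] || return 2
    while IFS= read -r dir; do
        [ -n "$dir" ] || continue          # skip the blank line of an empty result
        case "$idx/" in "$dir"/*) return 0 ;; esac
    done <<EOF
$(granted_dirs "$1")
EOF
    return 1
}

# Constructed sample files modelled on the lines shown in this article.
demo=$(mktemp -d)
cat > "$demo/policy.before" <<'EOF'
permission "/var/SymantecDLP${/}-", "read,write,delete";
EOF
cat > "$demo/policy.after" <<'EOF'
permission "/var/SymantecDLP${/}-", "read,write,delete";
permission "/data/SymantecRULES${/}-", "read,write,delete";
EOF
cat > "$demo/index.properties" <<'EOF'
#com.vontu.index.dir = /var/SymantecDLP/index
com.vontu.index.dir = /data/SymantecRULES/index
EOF

for p in before after; do
    if index_dir_is_granted "$demo/policy.$p" "$demo/index.properties"
    then echo "policy.$p: $(index_dir "$demo/index.properties") is granted"
    else echo "policy.$p: $(index_dir "$demo/index.properties") is NOT granted"
    fi
done
```

The comparison is made on whole path components, so a grant for /data/SymantecRULES does not count as covering a sibling directory such as /data/SymantecRULES2.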