FSUMF353 __chattr() could not set auditor audit flags
search cancel

FSUMF353 __chattr() could not set auditor audit flags

book

Article ID: 24635

calendar_today

Updated On:

Products

Cleanup Datacom DATACOM - AD CIS COMMON SERVICES FOR Z/OS 90S SERVICES DATABASE MANAGEMENT SOLUTIONS FOR DB2 FOR Z/OS COMMON PRODUCT SERVICES COMPONENT Common Services CA ECOMETER SERVER COMPONENT FOC Easytrieve Report Generator for Common Services INFOCAI MAINTENANCE IPC UNICENTER JCLCHECK COMMON COMPONENT Mainframe VM Product Manager CHORUS SOFTWARE MANAGER CA ON DEMAND PORTAL CA Service Desk Manager - Unified Self Service PAM CLIENT FOR LINUX ON MAINFRAME MAINFRAME CONNECTOR FOR LINUX ON MAINFRAME GRAPHICAL MANAGEMENT INTERFACE WEB ADMINISTRATOR FOR TOP SECRET Xpertware Top Secret Top Secret - LDAP Top Secret - VSE

Issue/Introduction

If the Auditor Audit Options in the root IFSP are not set properly you will see the following message:

FSUMF353 __chattr() could not set auditor audit flags for /Service.
EDC5139I Operation not permitted.

 

Environment

Release: TOPSEC00200-15-Top Secret-Security
Component:

Resolution

The Auditor Audit Options flags should be set to "---" (no auditing) not "fff". In order to change the bits you need superuser authority.

Issue the Unix "find" command to list all files that have auditor audit options set to "fff":

find / -aaudit =f

Issue the Unix "df" command to display mounted filesystems.

Check every mounted filesystem in the "df" output to see if it also shows up in the "find" command output. If so, the auditor audit options for that filesystem should be changed from "fff" to "---" (no auditing).

Issue the Unix chaudit command to change the auditor audit options from "fff" to "---". This example changes the auditor audit options for the /SERVICE filesystem:

 chaudit -a -f /SERVICE

Issue similar chaudit commands for every filesystem that has incorrectly set auditor audit options.

'chaudit' security requirements knowledge document.

 

Additional Information

'chaudit' security requirements knowledge document.

 

Powered by Wolken Software