/etc/passwd or /etc/groups, file system permissions always revert to 644
Article ID: 35792
Updated On:
Products
CA Privileged Access Manager - Server Control (PAMSC)
CA Privileged Identity Management Endpoint (PIM)
Issue/Introduction
Problem:
Upon modifying a Unix user account with ControlMinder, the rights of the file /etc/passwd or /etc/groups, etc. change and set to 644.
Environment:
Applies to all supported environments for ControlMinder on Unix or Linux
Cause:
Although it might not be obvious, what you see in this case is expected behaviour and is working by design.
Resolution:
By default CM is resetting group and passwd file ownership and file access rights to root and 644 upon update of a user and/or group.
This behaviour is meant as security feature, e.g. if the file was "stolen" by some other user.
Anyway, you can switch off this behaviour if you negate the default values of these tokens in seos.ini in [passwd] section
SaveGroupAttrs
SavePasswdAttrs
Additional Information:
Environment
Release: ACP1M005900-12.9-Privileged Identity Manager
Component:
Component:
Resolution
.
Feedback
Yes
No
Powered by
