Sun Microsystems, Inc.  Sun System Handbook - ISO 3.4 June 2011 Internal/Partner Edition
   Home | Current Systems | Former STK Products | EOL Systems | Components | General Info | Search | Feedback

Asset ID: 1-71-1006613.1
Update Date:2011-06-06
Keywords:
Solution Type  Technical Instruction Sure

Solution  1006613.1 :   Sun Fire[TM] 12K/15K/E20K/E25K: Incorrect permission(s) on SMS Directories  

Related Items 
    

  • Sun Fire E25K Server
    •  
  • Sun Fire E20K Server
    •  
  • Sun Fire 12K Server
    •  
  • Sun Fire 15K Server
    •  
Related Categories 
    

  • GCS>Sun Microsystems>Servers>High-End Servers
    •  

PreviouslyPublishedAs
209226 




Applies to: 
 
Sun Fire 12K Server
Sun Fire E25K Server
Sun Fire 15K Server
Sun Fire E20K Server
All Platforms



Goal

Incorrect permission(s) on SMS directories such as $SMSVAR/.lock and $SMSVAR/.pcd can create problems for domains during a setkeyswitch operation, and PCD database inconsistencies.

Note: $SMSVAR = /var/opt/SUNWSMS/

Shown below are sample errors seen during a setkeyswitch operation on domains when file permissions on ".lock" and ".pcd" are incorrect.

Sample Errors

On console:
v4u-15ka-sc0:sms-svc:25> setkeyswitch -d A standby
Current virtual key switch position is "ON".
Are you sure you want to change to the "STANDBY" position (yes/no)? yes
Domain is up.
Sending domain shutdown request.
Domain failed to pick up shutdown request.
You can abort or force a shutdown.
Do you want to force a shutdown (yes/no)? yes
[5358] Transmission or pcd(1M) handling of domain-down event failed: ecode=1708


In $SMSVAR/adm/<domain_id>/messages:
Jun  3 21:24:32 2005 scaw3j01 pcd[22145]: [1754 6086732730325848
ERR PCDApp.cc 2533] PCD chkpt WRITE failed. session id: 128, status: 8
Jun  3 21:24:32 2005 scaw3j01 pcd[22145]: [1764 6086732731237394
ERR PCDApp.cc 1532] PCD unable to checkpoint Domain Down event sequence
Jun  3 21:24:32 2005 scaw3j01 pcd[22145]: [1708 6086732732226343
ERR DomainMgr.cc 333] Unable to open file: /var/opt/SUNWSMS/SMS1.4.1/.pcd/domain_info.tmp
Jun  3 21:24:32 2005 scaw3j01 pcd[22145]: [1708 6086732733416087
ERR BoardMgr.cc 349] Unable to open file: /var/opt/SUNWSMS/SMS1.4.1/.pcd/sysboard_info.tmp
Jun  3 21:24:32 2005 scaw3j01 pcd[22145]: [1708 6086732734120448
ERR BoardMgr.cc 349]Unable to open file: /var/opt/SUNWSMS/SMS1.4.1/.pcd/sysboard_info.tmp
Jun  3 21:37:26 2005 scaw3j01 pcd[22145]: [1754 6087506063012662
ERR PCDApp.cc 2533] PCD chkpt WRITE failed. session id: 128, status: 8
Jun  3 21:37:26 2005 scaw3j01 pcd[22145]: [1764 6087506063927988
ERR PCDApp.cc1532] PCD unable to checkpoint Domain Down event sequence
Jun  3 21:37:26 2005 scaw3j01 pcd[22145]: [1708 6087506064914507
ERR DomainMgr.cc 333] Unable to open file: /var/opt/SUNWSMS/SMS1.4.1/.pcd/domain_info.tmp
...
Jun  3 22:10:57 2005 scaw3j02 setkeyswitch[476]-C(): [50000 6089081051235750
ERR setKeyswitchLock.cc 74]file open failed: file=/var/opt/SUNWSMS/SMS1.4.1/.lock/C/setkeyswitch, ecode=2
Jun  3 22:10:57 2005 scaw3j02 setkeyswitch[476]-C(): [50002 6089081081432930
ERR setKeyswitchLock.cc 75] file unlink failed: file=/var/opt/SUNWSMS/SMS1.4.1/.lock/C/setkeyswitch, ecode=2
Jun  3 22:10:57 2005 scaw3j02 setkeyswitch[476]-C(): [5311 6089081082713467
ERR setKeyswitchLock.cc 76] setkeyswitch lock acquisition failed: ecode=2





Solution

Directories with correct permissions shown below:

Directory structure under $SMSVAR:



drwxrwxr-x+ 20 root     sms             1024   Jun   14 12:27   .lock
drwxrwxr-x     2 root     sms             512   Jun   14 12:27   .pcd
drwxrwxr-x+ 22 root     sms             512   May    8  2004    adm
drwxrwxr-x+ 23 root     sms              512   Jun    7 13:52   data
drwxrwx---+ 20 root     sms             1024   Mar   13 15:54   doors
drwxrwxr-x+ 20 root     sms               512   May     8  2004    pipes


Directory structure under .lock:



drwxrwx---+  2 root   	sms   		512 Jun  4 14:38    A
drwxrwx---+  2 root    sms   		512 Jun  4  2004     B
drwxrwx---+  2 root        sms   		512 Jun  5  2004     C
drwxrwx---+  2 root        sms   		512 Jun  5  2004     D
drwxrwx---+  2 root        sms   		512 Jun  5  2004     E
drwxrwx---+  2 root        sms   		512 Jun  4  2004     F
drwxrwx---+  2 root        sms   		512 May  8  2004     G
drwxrwx---+  2 root        sms   		512 May  8  2004     H
drwxrwx---+  2 root        sms   		512 Jun  4  2004     I
drwxrwx---+  2 root        sms   		512 May  8  2004     J
drwxrwx---+  2 root        sms   		512 Jun  5  2004     K
drwxrwx---+  2 root        sms   		512 May  8  2004     L
drwxrwx---+  2 root        sms   		512 Aug 12  2004    M
drwxrwx---+  2 root        sms   		512 May  8  2004     N
drwxrwx---+  2 root        sms   		512 May  8  2004     O
drwxrwx---+  2 root        sms   		512 May  8  2004     P
drwxrwx---+  2 root        sms   		512 Nov 28  2004    Q
drwxrwx---+  2 root    sms   		512 Jun  5  2004     R


Directory structure under .pcd:



-rw-------   1 sms-pcd       sms            3597 Jun 14 12:27       domain_info
-rw-------   1 sms-pcd       sms              171 Jun  3  15:49       platform_info
-rw-------   1 sms-pcd      sms           1426 Jun 14 12:27       sysboard_info


ACL for .lock:



#getfacl .lock
# file: .lock
# owner: root
# group: sms
user::rwx
user:root:rwx                           #effective:rwx
user:sms-svc:rwx              #effective:rwx
user:domaadmin:rwx                         #effective:rwx
user:dombadmin:rwx                        #effective:rwx
user:domcadmin:rwx            #effective:rwx
user:domdadmin:rwx                        #effective:rwx
user:domeadmin:rwx                        #effective:rwx
user:domfadmin:rwx                         #effective:rwx
user:domgadmin:rwx                        #effective:rwx
user:domhadmin:rwx                         #effective:rwx
user:domiadmin:rwx                        #effective:rwx
user:domjadmin:rwx                         #effective:rwx
user:domkadmin:rwx                         #effective:rwx
user:domladmin:rwx                         #effective:rwx
user:dommadmin:rwx                        #effective:rwx
user:domnadmin:rwx                        #effective:rwx
user:domoadmin:rwx                         #effective:rwx
user:dompadmin:rwx                        #effective:rwx
user:domqadmin:rwx                        #effective:rwx
user:domradmin:rwx                        #effective:rwx
user:exp11539:rwx                           #effective:rwx
group::rwx                                 #effective:rwx
mask:rwx
other:r-x


NOTE: Not every system will have domain-specific admin accounts as listed here in the getfacl output.
At a minimum, the .lock directory and each domain-specific directory inside .lock should have an ACL entry for sms-svc.

The best way to check permissions problems on these directories and the files
under them is by running the pkgchk command on SUNWSMSdf:




#pkgchk SUNWSMSdf
  ERROR: /var/opt/SUNWSMS/SMS1.4.1/.lock
permissions <0775> expected <0444> actual


Correct permissions accordingly using chmod, chgrp, chown, and setfacl commands.




# chown root .lock
# chgrp sms .lock
# chmod 775 .lock
# setfacl -m user:sms-svc:rwx .lock 




Product
Sun Fire E25K Server
Sun Fire E20K Server
Sun Fire 15K Server
Sun Fire 12K Server

Internal Section

See also:
Document 1007966.1 which describes a similar failure when the .lock directory is missing from the system.

Keywords: sms, 15k, pcd, lock, setkeyswitch, getfacl, setfacl, permissions, checkpoint, chkpt, lock aquisition failed

Previously Published As 81943





Attachments

This solution has no attachment


















       

Copyright © 2011 Sun Microsystems, Inc.  All rights reserved.

 Feedback