On viewing the Tim packet statistics or the Timlog file, the browser gives an error about having no permission to access the file.

Document ID:  TEC598181
Last Modified Date:  08/02/2017
{{active ? 'Hide' : 'Show'}} Technical Document Details

Products

  • CA Application Performance Management

Releases

  • CA Application Performance Management:Release:9.1 SP2
  • CA Application Performance Management:Release:9.1.0
  • CA Application Performance Management:Release:9.1.1
  • CA Application Performance Management:Release:CA APM 9.6
  • CA Application Performance Management:Release:CA APM 9.7
  • CA Application Performance Management:Release:10.5

Components

  • CUSTOMER EXPERIENCE MANAGER:APMCM
Symptoms:

When trying to view the Tim packet Statistics or Timlog files, the browser displays an error indicating no permission to the file e.g.

Cannot read /etc.wily/cem/tim/logs/protocolstats1/2013-08-13.csv: [Errno 13] Permission denied: '/etc.wily/cem/tim/logs/protocolstats1/2013-08-13.csv'

Inspection of the file in the file system using 'ls -al' shows that the file permissions are:

 

  -rw-r----- 1 root root 25031 Aug 13 06:24 2013-08-13.csv
Environment:
All supported APM releases.
Cause:

In this situation, when logged in as root, the umask is set to 0022. So, the default file creation umask for a logged in user would be okay.

However, the TIM process runs as a daemon which is not owned by any logged in user.

For daemon processes, there is another file which can be modified to set a different default umask for processes running as a daemon.

 

  /etc/sysconfig/init 

 

In this case, the umask had been manually modified for daemon processes as follows:

 

  umask 027 

 

A umask of 027 results in file permissions of:

 

  -rw-r----- 

 

Which are readable only by the daemon process owner and users who are members of the daemon process owner's group.

Workaround:

There are two possible solutions for this:

  1. Remove the umask 027 from the /etc/sysconfig/init file. The disadvantage is that it will affect all daemon processes on the system and not just the TIM daemon. At some sites, this may violate security requirements.
  2. Edit the /etc/rc.d/rc.tim file to explicitly set the default umask for the TIM daemon processes only. The umask setting in rc.tim overrides the global setting in the init file.
Additional Information:

Here is an example of a portion of an rc.tim file which has been modified to set a default umask to 022:

  #!/bin/sh 
  # Start/stop Tim (Transaction Impact Monitor) 
  # /etc/wily/cem/tim should be a symbolic link to the current  
  # tim directory.  
  # set umask to overwrite anything in /etc/sysconfig/init  
  umask 022 
  pgmname="$0"  
  ....... 

Please help us improve!

Will this information enable you to resolve your issue?

Please tell us what we can do better.

{{feedbackText.length ? feedbackText.length : '0'}}/255

{{status}}

Not what you were looking for?

Search Again >

Product Information

Support by Product >

Communities

Join a Community >