CPSSG service group fails to come online after vxcpserv resource fault

book

Article ID: 100055132

calendar_today

Updated On:

Description

Error Message

/var/VRTScps/log/cpserver_A.log:

CPS ERROR V-97-1400-966 Non-root users cannot have read, write or execute permissions on file /etc/vxcps_ssl.properties. CPS ERROR V-97-1400-7 Error in reading configuration file. Exiting. CPS ERROR V-97-1400-966 Non-root users cannot have read, write or execute permissions on file /etc/vxcps.conf. CPS ERROR V-97-1400-7 Error in reading configuration file. Exiting.

Cause

CPS has built in protection to not start if the configuration files have non-root user access. This is to prevent a malicious user from changing the configuration.

Resolution

Check the permissions of the /etc/vxcps.conf and /etc/vxcps_ssl.properties files. Notice in this example that the world attributes are set to read, write, and execute

# ls -l /etc/vxcps*
-rw----rwx. 1 root root 190 May 18 2022 /etc/vxcps.conf -rw----rwx. 1 root root 844 May 25 2022 /etc/vxcps_ssl.properties

Change the permissions so that root only has access. Use chown to change the owner to root if the owner isn't root currently.

# chmod 600 /etc/vxcps.conf
# chmod 600 /etc/vxcps_ssl.properties

Check that the permissions are changed

# ls -l /etc/vxcps*.*
-rw-------. 1 root root 190 May 18 2022 /etc/vxcps.conf -rw-------. 1 root root 844 May 25 2022 /etc/vxcps_ssl.properties

Clear the CPSSG service group and bring it online.

# hagrp -clear CPSSG
# hagrp -online CPSSG -any

Issue/Introduction

The CP Server group, CPSSG, fails to start due to the vxcpserver resources faulting.

Was this article helpful?

thumb_up Yes

thumb_down No

Welcome to "KB Articles"