DB2 KM log files are created with world writable permissions: /opt/patrol/PATROL3.5/pso/logs /opt/patrol/PATROL3.5/pso/logs/java |
Those are logs files and only the patrol user that run the DB2 KM can use those, even with the writing permission. However, raised a RFE for this DB2 km (QM002400358), to request to use the minimum permissions to those files. On the meantime, have a workaround to change the file permissions: Workaround instructions: 1) Download the "PSOLoggerLib.lib" file attached. 2) Stop the PATROL Agent. 3) Take a backup of existing $PATROL_HOME/lib/psl/PSOLoggerLib.lib. 4) Replace the attached PSOLoggerLib.lib at location $PATROL_HOME/lib/psl 5) Go to $PATROL_HOME/Patrol3/pso directory 5) Edit the PSO_startClient.sh file and change the umask to umask ug=rwx,o=r 6) Rename the existing logs directory $PATROL_HOME/pso/logs to logs_old. 7) Start the PATROL Agent |