|
was that script run under that USRPRF or perhaps run under another USRPRF?
assuming the *AUTFAIL auditing is active prior to the failure.
On 08-Jan-2016 14:48 -0700, Aaron Bartell wrote:
Trying to start Apache instance configured for FastCGI and I get the
following error.
Conspicuously missing from what is given below, are: message identifier,
from-program, to-program, and job.
From module . . . . . . . . : QP2LOAD
From procedure . . . . . . : send_message__FPcT1Pvi
Statement . . . . . . . . . : 11
To module . . . . . . . . . : QP0ZPCPN
To procedure . . . . . . . : Qp0zNewProcess
Statement . . . . . . . . . : 278
Message . . . . : Not authorized to PASE for i program
/QOpenSys/QIBM/ProdData/OS400/PASE/sbin/zfcgi.
Cause . . . . . : You must have execute authority for the file and
every directory in the path. You may also need read authority to the
file if it is on a remote file system or a local file system other
than the root file system or QOpenSys file system.
Recovery . . . : Verify that you have read and execute authority to
the file, and execute authority to all directories in the path, then
try the request again.
Technical description: The error occurred loading Portable
Application Solutions Environment program
/QOpenSys/QIBM/ProdData/OS400/PASE/sbin/zfcgi.
I have a shell script named full_path_perms.sh** that gives me the
perms for each dir, as shown below.
$ ./full_path_perms.sh /QOpenSys/QIBM/ProdData/OS400/PASE/sbin/zfcgi
drwxrwsrwx 13 qsys 0 339968 Dec 21 21:41
/QOpenSys
drwxr-sr-x 4 qsys 0 8192 May 21 2015
/QOpenSys/QIBM
drwxr-sr-x 13 qsys 0 12288 Jan 8 16:59
/QOpenSys/QIBM/ProdData
drwxr-sr-x 6 qsys 0 8192 May 21 2015
/QOpenSys/QIBM/ProdData/OS400
drwxr-sr-x 9 qsys 0 8192 May 21 2015
/QOpenSys/QIBM/ProdData/OS400/PASE
drwxr-sr-x 2 qsys 0 28672 Nov 25 09:04
/QOpenSys/QIBM/ProdData/OS400/PASE/sbin
-rwxr-xr-x 1 qsys 0 36114 Oct 6 2013
/QOpenSys/QIBM/ProdData/OS400/PASE/sbin/zfcgi
My httpd.conf file: https://bitbucket.org/snippets/aaronbartell/jnB79
Everything looks correct concerning perms (r+x on every dir in tree).
I am up to date with PTFs. Any suggestions?
[...]
Given "You" in the "Cause:" descriptive text of the message refers to
the User Profile (USRPRF) that was running when the error transpired, and I
suspect that the specific user affected may have been QTMHHTTP, was that
script run under that USRPRF or perhaps run under another USRPRF?
A T-AF [authority failure] audit journal entry should reveal which job
and current user profile to which the object was not authorized; assuming
the *AUTFAIL auditing is active prior to the failure.
--
Regards, Chuck
--
This is the Web Enabling the IBM i (AS/400 and iSeries) (WEB400) mailing
list
To post a message email: WEB400@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/web400
or email: WEB400-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/web400.
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.