ILMT Upgrade to 9.2.32 fixlet has error in relevance 6 & 8

chribor 2023-08-31 05:26:48 UTC #1

Hi!
For one of my customers the fixlet ILMT Upgrade to 9.2.32 is not showing any applicable computers.
I then created an analysis for this fixlet, and it shows “error” in the columns for relevance 6 and 8.
I could not find anything in client log, so I enabled debug mode.
But nothing in debug log that was hinting what the problem is.

The ILMT server is running on RedHat 8.7.
I doublechecked that all prerequisite packages are installed.

Any hints how I can find out why these relevances are not functoning?

//Christer Borg

itsmpro92 2023-08-31 07:12:13 UTC #2

Relevance 6 & 8 appear to be checking for free space on the machine where ILMT is running. I’d look at that first.

Have you or they been able to apply previous updates to the ILMT server?

chribor 2023-08-31 07:36:44 UTC #3

There is lot of free diskspace, this is what I checked first.
But even if there was not enough disk, the relevance should be false, not error.

This is the first upgrade.
ILMT 9.2.31 was installed in June, and it is a rather tightened environment regarding security.
So that is why I want to find out why the relevance does not work in case there is other things not working properly.

//CB

ssakunala 2023-08-31 11:49:49 UTC #4

Both 6 and 8 relevance statements try to access /etc/passwd file as part of the evaluation. You mentioned tightened security. What kind of restrictions are in place and may be this is access related, though the client runs as root.

chribor 2023-09-01 08:37:12 UTC #5

I found out what the problem is. It is /etc/passwd that is protected in some way I don’t know. It is owned by root:root with access rights -r–r--r–. As root in a ssh session I have no problems reading it.
However, I made a custom copy of the fixlet, took a small amount of users from passwd and saved it in /tmp/users.txt, I modified the fixlet to use the copy instead, and this works.

chribor 2023-09-01 14:50:07 UTC #6

The reason is that the file /etc/passwd is too big, 190k!
When I made a full copy of it to /tmp/users.txt, the custom copy of the fixlet also failed.
I will report this as an error to IBM.

ssakunala 2023-09-01 20:09:11 UTC #7

Can you please tell how many lines are in the file? A command like wc -l /etc/passwrd will give the line count.

Thank you for pointing this out.

JasonWalker 2023-09-01 21:16:12 UTC #8

I think it’s unlikely that the file size is the problem, is it possible one of the lines is malformed?

chribor 2023-09-04 08:05:30 UTC #9

You are right, it is not the size!
Before reporting it as a problem, I had to check it in more detail and see if it was possible to recreate it.
It turned out to be users in /etc/passwd with names containing \xE5.
This is small a with a ring above, but in Unicode, CP1252, 8859-1.
Most likely the users are imported from other systems with other codepages, and there are more than 2500 of them!

It is very easy to recreate this problem. I have done this in two other installations, RedHat 7.9 and 8.5, BigFix 10.0.5 and 10.0.9. At least RH8.5 is a plain installation with no extra security tweakings.
USERNAME=$(echo -e -n “P\xe5l Paljett”)
useradd -c “$USERNAME” -s /bin/bash -m paljett
Then create an analyse of the Upgrade fixlet, and check the result.

//Christer

chribor 2023-09-18 06:55:04 UTC #10

There is an APAR for this, IJ24502.
And there will be an addition in the ILMT manual, in the “Installation and upgrade problems” section.
The workaround is to manually export/import the ILMT upgrade fixlet with relevance 6 & 8 removed.
Or run the upgrade manually from the command line.

//Christer