A fix is available
APAR status
Closed as program error.
Error description
============= lssec fails to retrieve the attributes when executed by an authorized user. To recreate the steps for the scenario : 1) mkrole authorizations=aix.security.audit.list,aix.security.config, aix.security.group.list,aix.security.passwd.normal,aix.security. aix.security.user.create,aix.security.user.list role1 2) mkuser roles=role1 default_roles=role1 authuser 3) setkst 4) cp /etc/security/passwd /etc/security/passwd.orig 5) #create your own passwd file. cat > /etc/security/passwd << EOF root: password = lastupdate = 741301584 flags = NOCHECK guest: password = lastupdate = 1169620301 flags = NOCHECK EOF 6) su - authuser -c "lssec -f /etc/security/passwd -s root -a lastupdate" 1420-070 Not authorized to perform the requested operation <<--- bug!
Local fix
Problem summary
============= lssec fails to retrieve the attributes when executed by an authorized user. To recreate the steps for the scenario : 1) mkrole authorizations=aix.security.audit.list,aix.security.config, aix.security.group.list,aix.security.passwd.normal,aix.security. role.list, aix.security.user.create,aix.security.user.list role1 2) mkuser roles=role1 default_roles=role1 authuser 3) setkst 4) cp /etc/security/passwd /etc/security/passwd.orig 5) #create your own passwd file. cat > /etc/security/passwd << EOF root: password = lastupdate = 741301584 flags = NOCHECK guest: password = lastupdate = 1169620301 flags = NOCHECK EOF 6) su - authuser -c "lssec -f /etc/security/passwd -s root -a lastupdate" 1420-070 Not authorized to perform the requested operation <<--- bug!
Problem conclusion
New authorization is added to lssec command to fix this problem.
Temporary fix
Comments
6100-04 - use AIX APAR IZ97652 6100-05 - use AIX APAR IZ97513 6100-06 - use AIX APAR IZ93111 6100-06 - use AIX APAR IZ85127 7100-00 - use AIX APAR IZ85510
APAR Information
APAR number
IZ85127
Reported component name
AIX 610 STD EDI
Reported component ID
5765G6200
Reported release
610
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Submitted date
2010-09-16
Closed date
2010-09-16
Last modified date
2013-04-17
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
AIX 610 STD EDI
Fixed component ID
5765G6200
Applicable component levels
R610 PSY U833130
UP11/05/10 I 1000
PTF to Fileset Mapping
U833130 bos.rte.security 6.1.6.15
[{"Business Unit":{"code":"BU054","label":"Systems w\/TPS"},"Product":{"code":"SSMV87","label":"AIX 6.1 Enterprise Edition"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"610","Edition":"","Line of Business":{"code":"LOB08","label":"Cognitive Systems"}},{"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SSMVAX","label":"AIX Express Edition"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"610","Edition":"","Line of Business":{"code":"LOB08","label":"Cognitive Systems"}},{"Business Unit":{"code":"BU054","label":"Systems w\/TPS"},"Product":{"code":"SSAUMY","label":"IBM AIX Enterprise Edition"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"610","Edition":"","Line of Business":{"code":"","label":""}},{"Business Unit":{"code":"BU054","label":"Systems w\/TPS"},"Product":{"code":"SG11Q","label":"AIX 6.1 HIPERS, APARs and Fixes"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"610","Edition":"","Line of Business":{"code":"","label":""}}]
Document Information
Modified date:
17 April 2013