PQ82444: FSUM8985 during applyptf for W501001

 A fix is available

Obtain the fix for this APAR



APAR status
Closed as program error.

Error description
After installing WebSphere for z/OS service level W501001, the
daemon issues messages into the W501001.log file:
<<< 
PQ74699.sh -  Begin -  Action=apply, Backup directory=
/WebSphere/V5R0M0/cellsp/DeploymentManager/properties/service/
backup/W501001/PQ74699, Mon Oct 27 11:20:39 MST 2003
processing apply path...
processing the template file:
/WebSphere/V5R0M0/cellsp/DeploymentManager/config/templates/
default/nodes/servers/server1/server.xml
cp: FSUM8985 Cannot reset uid or gid on file
"/WebSphere/V5R0M0/cellsp/DeploymentManager/properties/service/
backup/W501001/PQ74699/server.xml":
EDC5139I Operation not permitted.
Warning: while backing up file
/WebSphere/V5R0M0/cellsp/DeploymentManager/config/templates/
default/nodes/servers/server1/server.xml to
/WebSphere/V5R0M0/cellsp/DeploymentManager/properties/service/
backup/W501001/PQ74699
         Return code from cp command is 1
>>> 
PQ74699.sh - End - Action=apply, Backup
directory=/WebSphere/V5R0M0/cellsp/DeploymentManager/properties/
service/backup/W501001/PQ74699, Mon Oct 27 11:20:40 MST 2003
---
The file backup operation did not complete. The post-installer
steps were not performed.
---
The failing /bin/cp command contains the -p flag which causes
the utility to copy the source file's user name (UID) and group
name (GID) to the target file. If the system is running with
_POSIX_CHOWN_RESTRICTED activated then only superusers are
allowed to change uids on files. Non-superusers are only allowed
to change the GID. Attempts to change the UID in this case
generate FSUM8985 message and return code 1 from the /bin/cp
utility.
_POSIX_CHOWN_RESTRICTED is active by default.
This setting can be disabled system-wide via the
CHOWN.RESTRICTED profile. This setting can be disabled
for selected users and groups using the
SUPERUSER.FILESYS.CHOWN profile.
Local fix
In order for postinstaller scripts to complete their operations
as expected, ensure they are invoked by a userid which is not
affected by the _POSIX_CHOWN_RESTRICTED system attribute.
The preferred method for this is to
1) Define a profile in the UNIXPRIV class to protect the
   resource called SUPERUSER.FILESYS.CHOWN.
   For example:
   RDEFINE UNIXPRIV SUPERUSER.FILESYS.CHOWN UACC(NONE)
2) Authorize selected users that invoke postinstaller as
   appropriate:
   PERMIT SUPERUSER.FILESYS.CHOWN CLASS(UNIXPRIV)
          ID(appropriate-groups-and-users) ACCESS(READ)
3) Activate the UNIXPRIV class, if it is not currently active at
   your installation:
   SETROPTS CLASSACT(UNIXPRIV)
4) You must activate SETROPTS RACLIST processing for the
   UNIXPRIV class, if it is not already active:
   SETROPTS RACLIST(UNIXPRIV)
5) If SETROPTS RACLIST processing is already in effect for the
   UNIXPRIV class, you must refresh SETROPTS RACLIST processing
   in order for new or changed profiles in the UNIXPRIV class to
   take effect.
   SETROPTS RACLIST(UNIXPRIV) REFRESH
--
Alternatively, to allow all z/OS UNIX users to transfer
ownership of files they own to any UID or GID on the system,
create a discrete profile in the UNIXPRIV class called
CHOWN.UNRESTRICTED. If this profile is defined on your system,
_POSIX_CHOWN_RESTRICTED will not be in effect, and all z/OS UNIX
users will be allowed to issue the chown command to transfer
ownership of files that they own.
1) Define the discrete profile in the UNIXPRIV class called
   CHOWN.UNRESTRICTED:
   RDEFINE UNIXPRIV CHOWN.UNRESTRICTED
2) Activate the UNIXPRIV class, if it is not currently active at
   your installation:
   SETROPTS CLASSACT(UNIXPRIV)
3) You must activate SETROPTS RACLIST processing for the
   UNIXPRIV class, if it is not already active.
   SETROPTS RACLIST(UNIXPRIV)
4) If SETROPTS RACLIST processing is already in effect for
   the UNIXPRIV class, you must refresh SETROPTS RACLIST
   processing in order for the CHOWN.UNRESTRICTED profile to
   take effect.
   SETROPTS RACLIST(UNIXPRIV) REFRESH
Problem summary
****************************************************************
* USERS AFFECTED: All users of WebSphere Application Server    *
*                 V5.0 for z/OS                                *
****************************************************************
* PROBLEM DESCRIPTION: Some post install scripts fail          *
*                      because they use the "-p" option on     *
*                      file copies.                            *
****************************************************************
* RECOMMENDATION:                                              *
****************************************************************
Some post install scripts fail because they use the "-p" option
on file copies. If the userid associated with the server proc
is not the owner of the file being copied, the file copy will
return a bad return code, making the scripts exit with a
warning before they complete.

If you encountered this problem, you would find this error
message in the post installer service log (<service_level>).log

cp: FSUM8985 Cannot reset uid or gid on file "<file name>":
EDC5139I Operation not permitted

These scripts may have failed during service application and
returned a warning (to the console and to the post installer
logs):


PQ74699
MD18085
MD17901
MD18446
MD18406
WS15621.06

Their post install actions were not completed if this error
was encountered.
Problem conclusion
Ship a new post install script reruns the affected scripts if
they have not completed sucessfully.

APAR PQ82444 is associated with SERVICE LEVEL W502002 of
WebSphere Application Server V5.0 for z/OS.
Temporary fix Comments
APAR information
APAR number PQ82444
Reported component name WEBSPHERE FOR Z
Reported component ID 5655I3500
Reported release 500
Status CLOSED PER
PE NoPE
HIPER NoHIPER
Special Attention NoSpecatt
Submitted date 2003-12-18
Closed date 2004-02-12
Last modified date 2004-03-03

APAR is sysrouted FROM one or more of the following:

APAR is sysrouted TO one or more of the following:

Modules/Macros
BBOUBINF          

Publications Referenced

Fix information
Fixed component name WEBSPHERE FOR Z
Fixed component ID 5655I3500

Applicable component levels
R500 PSY UQ85128    UP04/02/20 P F402

  Fix is available
Select the PTF appropriate for your component level. You will be required to sign in. Distribution on physical media is not available in all countries.


Document Information


Current web document: swg1PQ82444.html
Product categories: Software > Application Servers > Distributed Application & Web Servers > WebSphere Application Server for z/OS
Operating system(s):
Software version: 500
Software edition:
Reference #: PQ82444
IBM Group: Software Group
Modified date: Mar 3, 2004