Some AutoSys directories have wide open permission.

Document ID : KB000014208
Last Modified Date : 14/02/2018
Show Technical Document Details
Question:

Some AutoSys 11.3.6 directories have wide open permissions.  

Can you please list all the files and folders that have 777 permissions and provide the reasons why they are set that way.

 

Environment:
Workload Automation AE 11.3.xPlatform - UNIX/LINUX
Answer:

In the AE root folder $AUTOUSER/audit should have a restricted deletion flag or sticky bit set and used for storing EEM audit reports. The report generation will fail if a user generating the reports donot have permissions over this folder. 

# ls -ld $AUTOUSER/audit 

drwxrwxrwt 2 autosys autosys 4096 May 10 23:10 /opt/CA/WorkloadAutomationAE/autouser.ORA/audit 

$AUTOSYS/install/soapWS was intended for only a limited few Customers. The folder need not have write permission to all/others but it is set that way by default. 

# ls -ld $AUTOSYS/install/soapWS 

drwxrwxrwx 2 autosys autosys 4096 May 9 18:51 /opt/CA/WorkloadAutomationAE/autosys/install/soapWS 

There will be files in Agent spool folder($AUTOSYS/../SystemAgent/WA_AGENT/spool/*/*/*) that will have sticky bit set which will be created by the a Agent to run the jobs. There is an Agent installed file ($AUTOSYS/../SystemAgent/WA_AGENT/UninstallData/.com.zerog.registry.xml) that has full permissions to be used by the Agent installer. 

In the $CASHCOMP folder there will be some files and folders full or special permissions set.  These are required for their service to run. 

Examples:

$CASHCOMP/Csam/SockAdapter

srwxrwxrwx 1 root root 0 May 10 01:13 /opt/CA/SharedComponents/Csam/SockAdapter/.csam_broker 

$CASHCOMP/csutils/bin

-r-sr-xr-x. 1 root root  42579 Nov 22 03:48 casrvc

lrwxrwxrwx. 1 root root      6 Apr 12 13:08 unisrvcntr -> casrvc