I am getting error while applying EAC for AIX server. I have applied EAC rule as
Begin Rule: EAC Rule If ((command IN cpcksh)) Then Set Authorize: yes Set Session Capture: yes Run Script: Enhanced Access Control Policy (policy path default read:!all path /usr/bin/** exec:!all ) Stop if authorized End If End Rule: EAC Rule
When I am trying to run use this on AIX system, I am getting following error:
"Error, cannot open policy: A file descriptor does not refer to an open file."
When I tried to debug deeper, I suspect cause of issue in EAC script in following line:
I think it has to do with your script arguments for your EAC policy. As long as you are using the default EAC script, there should be an issue within the script.
For troubleshooting purposes, try removing your current Script Arguments for this rule and add: name: policy value: default all:log
Then test your rule again. If it works with the above changes, start adding new script arguments one by one until you see your error. It appears the script arguments you supplied may be too restrictive and you stopped crucial binaries from running.
rajeshemailto;216086 Wrote: > Hi, > > Greetings for the day!! > > I am getting error while applying EAC for AIX server. I have applied > EAC rule as > > Begin Rule: EAC Rule > If ((command IN cpcksh)) > Then > Set Authorize: yes > Set Session Capture: yes > Run Script: Enhanced Access Control Policy > (policy > path default read:!all > path /usr/bin/** exec:!all > ) > Stop if authorized > End If > End Rule: EAC Rule > > When I am trying to run use this on AIX system, I am getting following > error: > > "Error, cannot open policy: A file descriptor does not refer to an open > file." > > When I tried to debug deeper, I suspect cause of issue in EAC script in > following line: > > "$meta->child("Options")->arg("policy",$policy);" > > No sure, where is the issue? > > Thanks for help in advance.