Has anyone moved /opt/netiq/npum/service/local/audit
to an NFS mount? The databases in PAM are SQLite databases and https://www.sqlite.org/howtocorrupt.html#_filesystems_with_broken_or_missing_lock_implementations notes:
2.1. Filesystems with broken or missing lock implementations
SQLite depends on the underlying filesystem to do locking as the documentation says it will. But some filesystems contain bugs in their locking logic such that the locks do not always behave as advertised. This is especially true of network filesystems and NFS in particular. If SQLite is used on a filesystem where the locking primitives contain bugs, and if two or more threads or processes try to access the same database at the same time, then database corruption might result.
We tried to move /opt/netiq/npum/service/local/audit to an NFS mount and saw the following in unifid.log:
Wed Jan 24 02:03:30 2024, 521, 2951182080, 10344, Error, Db cmdctrl.db - SQL Statement, COMMIT TRANSACTION
Wed Jan 24 02:03:30 2024, 521, 2951182080, 10344, Error, Db cmdctrl.db - SQL Error, database is locked
Wed Jan 24 02:03:30 2024, 521, 2951182080, 10344, Error, Db cmdctrl.db - SQL Statement, COMMIT TRANSACTION
Wed Jan 24 02:03:30 2024, 521, 2951182080, 10344, Error, Db cmdctrl.db - SQL Error, database is locked
Wed Jan 24 02:03:30 2024, 522, 2951182080, 10344, Info, Maximum Risk is processed in the current cmdctrl.db audit Database.
Wed Jan 24 02:03:30 2024, 525, 2951182080, 10344, Info, Process Maximum Risk - Next Run is at : Thu Jan 25 00:00:00 2024 (1706162400)
…
Wed Jan 24 02:04:01 2024, 636, 2951182080, 10344, Error, Db audit.ldb - SQL Statement, COMMIT TRANSACTION
Wed Jan 24 02:04:01 2024, 636, 2951182080, 10344, Error, Db audit.ldb - SQL Error, database is locked
Wed Jan 24 02:04:01 2024, 636, 2951182080, 10344, Error, Db audit.ldb - SQL Statement, COMMIT TRANSACTION
Wed Jan 24 02:04:01 2024, 636, 2951182080, 10344, Error, Db audit.ldb - SQL Error, database is locked
Wed Jan 24 02:04:01 2024, 636, 2951182080, 10344, Error, Error committing local audit database 175005[database is locked]
…
Wed Jan 24 02:28:36 2024, 105, 3165808384, 5520, Error, Db cmdctrl.db - SQL Statement, COMMIT TRANSACTION
Wed Jan 24 02:28:36 2024, 105, 3165808384, 5520, Error, Db cmdctrl.db - SQL Error, database is locked
Wed Jan 24 02:28:36 2024, 105, 3165808384, 5520, Error, Db cmdctrl.db - SQL Statement, COMMIT TRANSACTION
Wed Jan 24 02:28:36 2024, 105, 3165808384, 5520, Error, Db cmdctrl.db - SQL Error, database is locked
Wed Jan 24 02:28:36 2024, 105, 3165808384, 5520, Info, Maximum Risk is processed in the current cmdctrl.db audit Database.
Wed Jan 24 02:28:36 2024, 108, 3165808384, 5520, Info, Process Maximum Risk - Next Run is at : Thu Jan 25 00:00:00 2024 (1706162400)