On 08-Jan-2016 14:48 -0700, Aaron Bartell wrote:
Trying to start Apache instance configured for FastCGI and I get the
following error.

Conspicuously missing from what is given below, are: message identifier, from-program, to-program, and job.


From module . . . . . . . . : QP2LOAD
From procedure . . . . . . : send_message__FPcT1Pvi
Statement . . . . . . . . . : 11
To module . . . . . . . . . : QP0ZPCPN
To procedure . . . . . . . : Qp0zNewProcess
Statement . . . . . . . . . : 278
Message . . . . : Not authorized to PASE for i program
/QOpenSys/QIBM/ProdData/OS400/PASE/sbin/zfcgi.
Cause . . . . . : You must have execute authority for the file and
every directory in the path. You may also need read authority to the
file if it is on a remote file system or a local file system other
than the root file system or QOpenSys file system.
Recovery . . . : Verify that you have read and execute authority to
the file, and execute authority to all directories in the path, then
try the request again.
Technical description: The error occurred loading Portable
Application Solutions Environment program
/QOpenSys/QIBM/ProdData/OS400/PASE/sbin/zfcgi.

I have a shell script named full_path_perms.sh** that gives me the
perms for each dir, as shown below.

$ ./full_path_perms.sh /QOpenSys/QIBM/ProdData/OS400/PASE/sbin/zfcgi
drwxrwsrwx 13 qsys 0 339968 Dec 21 21:41
/QOpenSys
drwxr-sr-x 4 qsys 0 8192 May 21 2015
/QOpenSys/QIBM
drwxr-sr-x 13 qsys 0 12288 Jan 8 16:59
/QOpenSys/QIBM/ProdData
drwxr-sr-x 6 qsys 0 8192 May 21 2015
/QOpenSys/QIBM/ProdData/OS400
drwxr-sr-x 9 qsys 0 8192 May 21 2015
/QOpenSys/QIBM/ProdData/OS400/PASE
drwxr-sr-x 2 qsys 0 28672 Nov 25 09:04
/QOpenSys/QIBM/ProdData/OS400/PASE/sbin
-rwxr-xr-x 1 qsys 0 36114 Oct 6 2013
/QOpenSys/QIBM/ProdData/OS400/PASE/sbin/zfcgi

My httpd.conf file: https://bitbucket.org/snippets/aaronbartell/jnB79

Everything looks correct concerning perms (r+x on every dir in tree).
I am up to date with PTFs. Any suggestions?
[...]

Given "You" in the "Cause:" descriptive text of the message refers to the User Profile (USRPRF) that was running when the error transpired, and I suspect that the specific user affected may have been QTMHHTTP, was that script run under that USRPRF or perhaps run under another USRPRF?

A T-AF [authority failure] audit journal entry should reveal which job and current user profile to which the object was not authorized; assuming the *AUTFAIL auditing is active prior to the failure.


As an Amazon Associate we earn from qualifying purchases.

This thread ...

Follow-Ups:
Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.