Get "Permission Denied" error when accessing NSS files with McAfee's LinuxShield (nails)

  • 7003150
  • 28-Apr-2009
  • 27-Apr-2012

Environment

Novell Open Enterprise Server 1 (OES 1) Support Pack 2 Linux
Novell Open Enterprise Server 2 (OES 2)
Novell Open Enterprise Server (Linux based)

Situation

Using "admin""root" or any other user from the server console prompt you will get a "Permission denied" message when accessing a NSS volume.

Symptoms are sporatic, on some of the NSS volumes access works and other volumes it does not, at different times it will work on some and not others.

It may be possible to "touch" a file but not "cat" it.

For example a "cat file.txt" command in /media/nss/VOL1/ gives "permission denied"

In a LAN trace using the Novell Client it shows the following when trying to open a file on the NSS volume.
  Request: NCP 89,1 Open/Create File or Subdirectory
  Reply: "No matching files or directories were found"

Strace shows "Permission denied"

Resolution

In the LinuxShield documentation it states in the "To install LinuxShield 1.5.1 on Novel Open Enterprise Server 1 or 2" section it asks for specific rights to be added to the NSS volume.

"4 Provide “nails” user with administrative privileges on all the NSS volumes.
Tip:  rights -f /media/nss/<VOL-name> -r s trustee nails.<context>.<tree>
You need to provide administrative privileges to the “nails” user, every time a new NSS
volume is created."

Feedback service temporarily unavailable. For content questions or problems, please contact Support.