https://community.hpe.com/t5/operating-system-hp-ux/security-containment-rbac/m-p/4584542#M374221 <BR />Hello, <BR /><BR />I am not able to guess what this error means in the rbacdbchk. It only appears with an rbacdbchk, but not with one of the options alone (-r, -a, -u, -c, -R, -x), and it is not showed when -vvv is used (I can see all the checking around the DBs is done but the error is not there)<BR /><BR /># rbacdbchk<BR />[Invalid Authorization in role_auth DB. Auth with operation='hpux.*' and object='*' does not exist in the auths DB]<BR />Administrator:(hpux.*, *)<BR /><BR />In other environment this is working, being the user_role, roles, role_auth, cmd_priv and auths files the same.<BR /><BR />Any help or clue will be welcomed, thank you in advance<BR /><BR />#rbacdbchk -vvv<BR /><BR />### Checking database /etc/rbac/roles<BR />Checking field values in line: 'Administrator: Sample role shipped with system; assigned all auths by default' <BR />...(and some more)<BR /><BR />### Checking database /etc/rbac/auths<BR />Checking field values in line: '(hpux.*,*):' <BR />Checking field values in line: '(hpux.admin.boot.config,*):' <BR />Checking field values in line: '(hpux.admin.boot.make,*):' <BR />Checking field values in line: '(hpux.admin.boot.remove,*):' <BR />Checking field values in line: '(hpux.admin.kernel.config,*):' <BR />Checking field values in line: '(hpux.admin.kernel.crash.save,*):'<BR />... Tue, 16 Feb 2010 10:10:00 GMT Antonio Egea 2010-02-16T10:10:00Z https://community.hpe.com/t5/operating-system-hp-ux/security-containment-rbac/m-p/4584542#M374221 <BR />Hello, <BR /><BR />I am not able to guess what this error means in the rbacdbchk. It only appears with an rbacdbchk, but not with one of the options alone (-r, -a, -u, -c, -R, -x), and it is not showed when -vvv is used (I can see all the checking around the DBs is done but the error is not there)<BR /><BR /># rbacdbchk<BR />[Invalid Authorization in role_auth DB. Auth with operation='hpux.*' and object='*' does not exist in the auths DB]<BR />Administrator:(hpux.*, *)<BR /><BR />In other environment this is working, being the user_role, roles, role_auth, cmd_priv and auths files the same.<BR /><BR />Any help or clue will be welcomed, thank you in advance<BR /><BR />#rbacdbchk -vvv<BR /><BR />### Checking database /etc/rbac/roles<BR />Checking field values in line: 'Administrator: Sample role shipped with system; assigned all auths by default' <BR />...(and some more)<BR /><BR />### Checking database /etc/rbac/auths<BR />Checking field values in line: '(hpux.*,*):' <BR />Checking field values in line: '(hpux.admin.boot.config,*):' <BR />Checking field values in line: '(hpux.admin.boot.make,*):' <BR />Checking field values in line: '(hpux.admin.boot.remove,*):' <BR />Checking field values in line: '(hpux.admin.kernel.config,*):' <BR />Checking field values in line: '(hpux.admin.kernel.crash.save,*):'<BR />... Tue, 16 Feb 2010 10:10:00 GMT https://community.hpe.com/t5/operating-system-hp-ux/security-containment-rbac/m-p/4584542#M374221 Antonio Egea 2010-02-16T10:10:00Z https://community.hpe.com/t5/operating-system-hp-ux/security-containment-rbac/m-p/4584543#M374222 Hi,<BR />I'm not very familiar with rbac, but normally as I understand the messages says that in the file /etc/rbac/role_auth you have a value <BR />Administrator: (hpux.*, *) that is not matching the auths file. But the auths file are always like (hpux.*,*):<BR />So maybe there is a typo error on the /etc/rbac/role_auth that you can not see while the rbacdbck can check it.<BR />Copy this line from another good server could help you?<BR />HTH Tue, 16 Feb 2010 10:41:12 GMT https://community.hpe.com/t5/operating-system-hp-ux/security-containment-rbac/m-p/4584543#M374222 smatador 2010-02-16T10:41:12Z https://community.hpe.com/t5/operating-system-hp-ux/security-containment-rbac/m-p/4584544#M374223 We thought about that, but the copied all the files from the working server to the failing one and it the same error is appearing...<BR /><BR />They are having some issues with Ignite and maybe that's the problem but I am not sure Tue, 16 Feb 2010 13:17:41 GMT https://community.hpe.com/t5/operating-system-hp-ux/security-containment-rbac/m-p/4584544#M374223 Antonio Egea 2010-02-16T13:17:41Z https://community.hpe.com/t5/operating-system-hp-ux/security-containment-rbac/m-p/4584545#M374224 Hi Antonio<BR /><BR />&gt;We thought about that, but the copied all the files from the working server to the failing one and it the same error is appearing...<BR /><BR />That's mean, the db is ok. So I suppose the problem is on the rbacdbchk command.<BR />You write about ignite issue. What's the problem? Do you have restore this box?<BR /><BR /><BR />Do you have check about library of rbackdbchk<BR />ldd /usr/sbin/rbacdbchk<BR />and compare ll <LIBFILE> with another good one.<BR />You could also check about patches like<BR />PHCO_40362<BR /><BR />HTH<BR /><BR /><BR /></LIBFILE> Tue, 16 Feb 2010 14:05:14 GMT https://community.hpe.com/t5/operating-system-hp-ux/security-containment-rbac/m-p/4584545#M374224 smatador 2010-02-16T14:05:14Z https://community.hpe.com/t5/operating-system-hp-ux/security-containment-rbac/m-p/4584546#M374225 We are investigating the corruption problem. From a tusc looks like it is opening the /etc/rbac/auths several times with different contents, I will try cksum Wed, 17 Feb 2010 11:24:19 GMT https://community.hpe.com/t5/operating-system-hp-ux/security-containment-rbac/m-p/4584546#M374225 Antonio Egea 2010-02-17T11:24:19Z