DB2 FOR LUW / DB2FORLUW / 950 - DB2

When logging an audit event on the client side, if the 
application triggering the audit event is a setuid executable, 
it's possible for the audit operation to fail if the effective 
user ID and real user ID of the application are different. The 
failure is due to how DB2 handles client-side audit events 
internally. 
 
If DB2 audit is enabled, and such an application is run, you 
will see the following entries in the db2diag.log file: 
 
 
2011-01-18-21.02.56.810052-360 E149233A416        LEVEL: Error 
(OS) 
PID     : 4032                 TID  : 1           PROC : db2aud 
INSTANCE: db2instv             NODE : 000 
EDUID   : 1 
FUNCTION: DB2 UDB, oper system services, sqlorqueInternal, 
probe:9 
MESSAGE : ZRC=0x870F00BB=-2029059909=SQLO_QUE_NO_ACCESS 
          "do not have the access right" 
CALLED  : OS, -, msgrcv 
OSERR   : EACCES (13) "Permission denied" 
 
2011-01-18-21.02.56.811897-360 I149650A382        LEVEL: Error 
PID     : 4032                 TID  : 1           PROC : db2aud 
INSTANCE: db2instv             NODE : 000 
EDUID   : 1 
FUNCTION: DB2 UDB, bsu security, sqlex_db2aud_main, probe:170 
MESSAGE : ZRC=0x870F00BB=-2029059909=SQLO_QUE_NO_ACCESS 
          "do not have the access right" 
DATA #1 : Hex integer, 4 bytes 
 
The db2hpu utility has been known to run into this problem, when 
run as a non-instance owner user.

When db2audit is enabled, running db2hpu as non-instance owner 
results in EACESS entry in db2diag.log

DB2 Version 9.5 Fix Pack 8 for Linux, UNIX, and Windows
 DB2 Version 9.5 Fix Pack 9 for Linux, UNIX, and Windows
 DB2 Version 9.5 Fix Pack 10 for Linux, UNIX, and Windows
 

Fixed in V9.5 fp8

not known / see Local fix

forerunner  : APAR is sysrouted TO one or more of the following: IC75539 
follow-up : 

Date  - problem reported    :
Date  - problem closed      :
Date  - last modified       :

18.02.2011
11.07.2011
11.07.2011

9.5.FP8