Results 1 to 8 of 8
  1. #1
    Join Date
    Aug 2008
    Location
    Toronto, Canada
    Posts
    2,361

    mount point permission for db2 filesystems

    How do you set mount point permissions for db2 filesystems? I think the underlying mount point for the instance home filesystem needs to have 755. But what about other filesystems used by db2 (ie. active logs, tablespaces)? How does your SA set them?

    Here is what I found in the following redbook:
    http://www.redbooks.ibm.com/redbooks/pdfs/sg247821.pdf

    Code:
    2.1.11 File system mount point permissions
    
    
    DB2 installation in a separate file system:
     For root installations when DB2 product is installed on separate file system or
    on a non-default directory, ensure others are given read and execute
    permission for underlying mount point.
    For example, when DB2 is installed in /db2bin/opt/IBM/db2/V9.7/ and
    /db2bin is a separate file system, ensure others have read and execute file
    permissions on empty /db2bin mount point directory
    This allows non-root users to successfully execute the db2ls command. Using
    db2ls, you can list installed DB2 products and features.
    Note: To enable long password support on the AIX 6.1, install APAR IZ35001.
    
    
    DB2 instance directory in a separate file system:
    In scenarios where a separate file system is used for DB2 instance home
    directory, ensure that DB2 instance ID owns the mount directory (home dir) for
    successful DB2 instance creation.
    For example db2inst1 must own the /db2home/db2inst1 directory when a
    separate file system is mounted on it.

  2. #2
    Join Date
    May 2003
    Location
    USA
    Posts
    5,734
    We set to 755 for all DB2 related mount points. Pirmary group for all instance owners is db2iadm on our systems.
    M. A. Feldman
    IBM Certified DBA on DB2 for Linux, UNIX, and Windows
    IBM Certified DBA on DB2 for z/OS and OS/390

  3. #3
    Join Date
    Aug 2008
    Location
    Toronto, Canada
    Posts
    2,361
    OK, Thanks.

    I got the following error:

    db2inst1@xxxxx:/xxx/db2/db2inst1/sqllib/bnd> db2 bind db2schema.bnd
    DB21019E An error occurred while accessing the directory ".".

    drwxr-xr-x 7 db2inst1 db2iadm1 4096 Dec 6 13:40 /xxx/db2/db2inst1


    I'm pretty sure this error is related to mount point permissions for the instance home. The dir has 755, but I can't see the mount point permissions for a mounted FS. Will wait until it gets unmounted to verify.

  4. #4
    Join Date
    Aug 2008
    Location
    Toronto, Canada
    Posts
    2,361
    The command works when executed from $HOME:

    db2inst1@xxxxx:/xxx/db2/db2inst1> db2 bind /xxx/db2/db2inst1/sqllib/bnd/db2schema.bnd

    LINE MESSAGES FOR db2schema.bnd
    ------ --------------------------------------------------------------------
    SQL0061W The binder is in progress.
    SQL0091N Binding was ended with "0" errors and "0" warnings.


    So, this is not related to instance home mount point. It must be the mount point for /opt/IBM/db2

    db2inst1@xxxxx:/xxx/db2/db2inst1/sqllib/bnd> df -g .
    Filesystem GB blocks Free %Used Iused %Iused Mounted on
    /dev/fslv06 2.00 0.90 56% 7298 4% /opt/IBM/db2

  5. #5
    Join Date
    May 2003
    Location
    USA
    Posts
    5,734
    Correct, you cannot execute any commands while in the $HOME/sqllib/bnd directory (and some others) if the commands try to write to that directory.
    M. A. Feldman
    IBM Certified DBA on DB2 for Linux, UNIX, and Windows
    IBM Certified DBA on DB2 for z/OS and OS/390

  6. #6
    Join Date
    Jun 2003
    Location
    Toronto, Canada
    Posts
    5,431
    Quote Originally Posted by db2girl View Post
    So, this is not related to instance home mount point. It must be the mount point for /opt/IBM/db2
    Not even that; it's about the permissions for /opt/ibm/db2/.../bnd, where the BIND command probably attempts to write a log file or something. In a root install that directory is probably owned by root and is not writable by the instance owner.
    ---
    "It does not work" is not a valid problem statement.

  7. #7
    Join Date
    Aug 2008
    Location
    Toronto, Canada
    Posts
    2,361
    I checked the permissions/ownership on /opt/IBM/db2 directories - all look good. I still believe that it's the mount point permission on /opt/IBM/db2 filesystem. I've always performed bind from $HOME/sqllib/bnd, so far this is the only server where bind from $HOME/sqllib/bnd or /opt/IBM/db2... doesn't work. Will check the mount point permissions to confirm.

  8. #8
    Join Date
    Aug 2008
    Location
    Toronto, Canada
    Posts
    2,361
    Checked/corrected mount point permissions with SA:

    Code:
    # umount /opt/IBM/db2
    
    # pwd
    /opt/IBM
    
    # ls -ld db2
    drwx------    2 root     system          256 Aug 24 10:20 db2
     
    # chmod 755 db2
    
    # ls -ld db2   
    drwxr-xr-x    2 root     system          256 Aug 24 10:20 db2
    
    # mount /opt/IBM/db2
    
    # ls -ld db2         
    drwxr-xr-x    4 root     system          256 Aug 24 13:48 db2

    After making this change, bind works:


    Code:
    db2inst1@xxxx:/xxx/db2/db2inst1/sqllib/bnd> db2 bind db2schema.bnd
    
    LINE    MESSAGES FOR db2schema.bnd
    ------  --------------------------------------------------------------------
            SQL0061W  The binder is in progress.
            SQL0091N  Binding was ended with "0" errors and "0" warnings.
    
    
    db2inst1@xxxx:/opt/IBM/db2/V9.5/bnd> db2 bind db2schema.bnd
    
    LINE    MESSAGES FOR db2schema.bnd
    ------  --------------------------------------------------------------------
            SQL0061W  The binder is in progress.
            SQL0091N  Binding was ended with "0" errors and "0" warnings.

    Too bad I can't check mount point permissions myself. I can't find the command that will display this info when the FS is mounted. When it's mounted, all I see is the permissions on the dir, which showed 755. I found istat command here underlying mount-points - Mombu the Programming Forum , but it doesn't seem to work. I saw 755 - same as dir permissions.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •