HP-UX: `swlist` security check failed unexpectedly due to missing nsswitch.conf

Posted on May 29, 2009


I found this following warning and error messages when I executed `swlist` in my HP-UX B.11.31 server:

# swlist
# Initializing...
# Contacting target "xxxxx"...
WARNING: An attempt to get the network host entry for "xxxxx" failed.
         This may result in denial of access to users and agents ata
         this host.  Check the spelling of this name, then your
         "/etc/hosts" file, or your "/etc/resolv.conf" file and DNS
         resolver configuration.  The nslookup program may be helpful
         in isolating this problem.
ERROR:   Internal error.  Security check failed unexpectedly.  This
         error occurred in function "idam_LocateLocalFile", source file
         "id.c", line 4765.  Please give this information to your
         Hewlett-Packard support contact.
ERROR:   "xxxxx:/":  You do not have permission for this operation.
         The depot owner, system administrator, or alternate root owner
         may need to use the "swreg" or "swacl" command to give you
         permission.  Or, to manage applications designed and packaged
         for nonprivileged mode, see the "run_as_superuser" option in
         the "sd" man page.

I tried these with no success:

  • logged in as root
  • checked out hosts file: /etc/hosts
  • verified DNS resolver in SMH (successor of SAM)
  • restarted swagentd for serveral times
  • executed `swreg` and `swacl` commands

Long story short, I found this page: http://forums11.itrc.hp.com/service/forums/questionanswer.do?threadId=1289772

These are the steps:

  • Go to `/etc`
  • Copy `nsswitch.hp_defaults` to `nsswitch.conf`
  • Change `hosts: dns [NOTFOUND=return] nis [NOTFOUND=return] files` to `hosts: files dns [NOTFOUND=return] nis [NOTFOUND=return]`
  • Restart swagent daemon `/usr/sbin/swagentd -r`
Posted in: Technology