In my system I am attempting to do authenticaion via the roleMap in the authentication.conf file in the pooling space. To make this work I have 2 instances of the authentication.conf file, one in the pooling space containing all the data BUT the encrypted password, and one in etc/system/local which ONLY contains is the encrypted password.
When I start the server, it picks up all the values as I expect and runs as anticipated. BUT... when I look at the etc/system/local file immediately after the restart, it has been populated with roleMap data. Because of that, on subsequent restarts, the search head no longer picks up the pooled version of the roleMap, but the local one with the unwanted role stanza. I need to keep the etc/system/local file from being written to so that it only contains the password.
I would also note that using the gui for role modification in this configuration also creates a etc/system/local entry, but that is not what is happening in this case.
Any idea what is updating this file and how to keep it from doing that? I have tried to make the file read-only (chmod 400) but it gets modified anyway and the permissions reset to read-write (600).
Thanks for any suggestions -
... View more