PowerEdge: SEC0704 "authentication check" failure at service start with iDRAC Service Module on Linux
Shrnutí: iDRAC Service Module (iSM) 5.2.0 and earlier on any supported Linux version fails to start its service with a SEC0704 error logged if the install path of its binaries contains a symlink to a different path. Alternative install paths are not accepted by iSM’s own binary verification system. ...
Příznaky
The following error may be recorded in the main Linux system log after the iSM service "dcismeng.service" fails to start:SEC0704: The authentication check operation performed by iSM has failed for the following module or application because either the Binary Load path is incorrect or the binary or configuration file is tampered, replaced, or untrusted : Faulting application: "dsm_ism_srvmgrd"
Příčina
iSM checks its own integrity of its binaries before its service continues to start. This integrity authentication check includes the actual hard path of where the binary is installed within the /opt/ partition only. If /opt contains a symlink to a different location such as another drive containing more storage the check fails to start iSM.
Řešení
This is working as designed. iSM expects to install its files in the absolute /opt partition path. Instead of using symlinks it is recommended to mount a different drive/partition to the /opt path instead.