ECLA-20110330-1

Eclipse Technical Bulletin

Urgent: Potential Data Loss through User Removal

Advisory:

ECLA-20110330-1

Summary:

Eclipse has identified a specific series of actions that may be performed during normal operating system user maintenance that could result in Eclipse data loss.

Details:

Traditionally, all Eclipse Eterm users have been configured to share a common home directory (/u2/eclipse). This home directory is the location of the Eclipse UniVerse database. Upon login, the Eclipse software is automatically launched, and the user is presented with the familiar Eterm login screen. On a majority of UNIX platforms, each operating system user is given their own, unique home directory (ie /home/username). As such, many of the tools built into Red Hat Enterprise Linux (RHEL) have built-in options for managing a user’s home directory. For example, an administrator may wish to remove a user’s home directory when deleting a user from the system.

While this behavior is commonplace in the UNIX world, it has disastrous implications for the Eclipse environment. Inadvertently approving the removal of an Eclipse user’s home directory (/u2/eclipse) will remove the entire Eclipse database. This functionality is available from both the graphical (GUI) and command line user administration tools, but it is not enabled by default or without warning. Nevertheless, we believe that the exposure to accidentally checking the wrong box or inputting the wrong command line parameter is unnecessarily high.

Solution:

Eclipse has tested and implemented a change to the way Eterm operating system users are setup. Instead of creating users with common home directory (/u2/eclipse), each user will now be created with a unique home directory as per UNIX best practices (ie /home/username). When each account is created, a link is placed in the user’s home directory to launch Eclipse. The changes are transparent to the end-user, and these changes affect both the RHEL and AIX platforms.

Eclipse is prepared to deploy these changes via an automated script initiated by the ECOMM automated software delivery mechanism regularly used for transferring Eclipse patches. While no action is required on the part of the system administrator to change the home directories of existing users, It is important that the system administrator understand the changes being made to the existing system and ongoing administration procedures.

Action Required:

Review the updated user maintenance procedures (http://kb.eclipseinc.com/kb/how-to-i-remove-an-os-user-from-linux/).

Review general system administration best practices (http://kb.eclipseinc.com/kb/eclipse-system-administration-best-practices/).

Notify Eclipse Support prior to Friday April 1, 2011 if you do not wish to proceed with the automated changes, or if you have any further questions.

Receive Proactive Updates:

Follow eclipsesystems on twitter (http://twitter.com/eclipsesystems), and subscribe to the Eclipse Systems Knowledge Base (http://kb.eclipseinc.com/feed).

Permalink:

http://kb.eclipseinc.com/advisories/ecla-20110330-1/