IGEL OS 12 - No IGEL Properties

IGEL OS 12, created with OSC 12.03 and younger, does not provide IGEL-specific properties in deviceTRUST. Here's why and how to fix.

Problem: No IGEL-specific deviceTRUST properties are supplied by IGEL OS 12


Reason: IGEL has changed the file system rights starting with clients rolled out based on OSC 12.03. The folder "/wfs/igel-rmagent" can now only be read by root, no longer by other entities. deviceTRUST needs access to the folder in order to be able to read various properties. Our process recognizes the missing rights and ends the evaluation. Therefore, no IGEL-specific values are evaluated and shown in the session. 

Workaround: A "custom command" for setting authorization provides a remedy. We have tested various scenarios and narrowed down the required rights so that a recursive "o+rx" (add read and execute for "others") is sufficient: chmod -R o+rx /wfs/igel-rmagent.

os1203

We assume that the setting of the rights was no coincidence and are working on a solution to mitigate this behavior without requiring this workaround. Until then, please implement the workaround to make sure deviceTRUST can operate as desired.