chown may clear the setuid and setgid bits on Caché executables
I was recently troubleshooting a problem on a Linux (RHEL) instance of 2016.1 at a site. For policy reasons their sysadmins wanted to update the Caché installation so it used network accounts for its cacheusr and iscagent users and groups instead of the locally-created ones that had been set up during original install of Caché.
To do this they ran various commands including chown
Afterwards non-root users couldn't obtain a terminal session using the csession command. Instead they receive this message:
cache: Permission denied
It turned out that the chown command cleared important setuid and setgid bits that had previously been set on certain files in the bin directory.
By consulting a working instance we were able to reinstate the correct bits.
I'm posting this article in case the information is useful to others in the future (including myself, when I forget that I once knew it).
Just for clarification, this is known behaviour:
info coreutils 'chown invocation':
And for a little description of how these are relevant see http://docs.intersystems.com/latest/csp/docbook/DocBook.UI.Page.cls?KEY=...
http://docs.intersystems.com/latest/csp/docbook/DocBook.UI.Page.cls?KEY=...