Centrify DirectAudit 3.2.3 and higher on AIX
Users with bash shells are getting errors:
"DirectAudit was run as -centrifyda and determined that the real executable to run is /bin/bash, however /bin/cdax/bash does not seem to exist, or the current user does not have appropriate execute permissions to start it. Please contact your administrator to either replace /bin/bash with a known good shell binary (for instance: from media, backups or network), modify the execute permissions on /bin/bash, or to manually disable auditing..........."
AIX 7.1 is using a freeware version of bash which doesn't write itself to /etc/shells.
1) Check if the shell /bin/bash is a real file or a sym link to someplace else (ie /opt/freeware/bin/bash). If it is a sym link it's possible the bash shell was not written to /etc/shells or /etc/security/login.cfg.
2) Add the shells /bin/bash and /usr/bin/bash to the /etc/shells file.
3) Run "dacontrol -d" and then "dacontrol -e"
The above steps have been known to resolve this issue in cases of the freeware version of bash on AIX. The DA agent relies on these files to know what shells are installed on the system and it adds these shells to /bin/cdax. For some reason this version of bash does not add itself to /etc/shells.
Since this issue stems from the freeware version of bash shell on AIX which we don't develop for the best we can do is provide this workaround to resolve the issue.