This article describes the solution to an issue where a 'permission denied' error is encountered after running the configFSM.sh script when when attempting to enable FIPS on the FortiSIEM supervisor (Sup), but the same procedure executes on the Collector without any issues.
Initial Steps: Ensure the instructions provided in the Fortinet Hardening Guide were followed accurately, especially the 'Ensure Strong Cryptographic Algorithms are Enabled' section.
Identify the Root Cause: The problem appears to be associated with the permissions of the configFSM.sh script.
Resolution Steps:
Change the permissions of the configFSM.sh script to 755 (-rwxr-xr-x) using the following command:
chmod 755 /usr/local/bin/configFSM.sh
Once the permissions have been adjusted, try executing the script again.
Follow-up: Ensure that the process of enabling FIPS on the Supervisor is now successful without any further errors. If there are other issues, they may need separate investigation.
Recommendation: Always ensure that script permissions are set correctly, especially when transferring scripts between different systems or after updates. If the intended permission design is uncertain, it is advised to verify them before execution.
