This article describes how to run the deployment manager with a non-root user ID on Linux and UNIX platforms.
Before you begin
If global security is enabled, the user registry must not be Local OS. Using the Local OS user registry requires the dmgr process to run as root. If you are attempting to run a deployment manager as root in WebSphere Application Server Version 6 when you previously used a non-root user ID on Linux and UNIX platforms in Version 5.x, see Migrating a previously non-root configuration to root.
Why and when to perform this task
By default, the Network Deployment product on Linux platforms uses the root user to run the deployment manager, which is the dmgr process. You can use a non-root user to run the deployment manager. You might want to change to a non-root user ID for security or administrative reasons.Perform this task to change the permissions for the deployment manager. Restart the deployment manager for the changes to take effect.
To configure a user to run the deployment manager, complete the following steps:
Steps for this task
network deployment installation root/profiles/deployment manager profile name/bin/ ./startManager.sh
Property | Value |
---|---|
Run As User | wasadmin |
Run As Group | wasgroup |
UMASK | 022 The value 022 means the files the process creates are writable by the group and by others as defined on the Linux or UNIX platforms. |
./stopManager.sh
chgrp wasgroup /opt/IBM/WebSphere/AppServer/profiles/profile name chgrp wasgroup /opt/IBM/WebSphere/AppServer/profiles/profile name chgrp -R wasgroup /opt/IBM/WebSphere/AppServer/profiles/profile name/config chgrp -R wasgroup /opt/IBM/WebSphere/AppServer/profiles/profile name/logs chgrp -R wasgroup /opt/IBM/WebSphere/AppServer/profiles/profile name/wstemp chgrp -R wasgroup /opt/IBM/WebSphere/AppServer/profiles/profile name/installedApps chgrp -R wasgroup /opt/IBM/WebSphere/AppServer/profiles/profile name/temp chgrp -R wasgroup /opt/IBM/WebSphere/AppServer/profiles/profile name/tranlog chmod g+wr /opt/IBM/WebSphere chmod g+wr /opt/IBM/WebSphere/AppServer/profiles/profile name chmod -R g+wr /opt/IBM/WebSphere/AppServer/profiles/profile name/config chmod -R g+wr /opt/IBM/WebSphere/AppServer/profiles/profile name/logs chmod -R g+wr /opt/IBM/WebSphere/AppServer/profiles/profile name/wstemp chmod -R g+wr /opt/IBM/WebSphere/AppServer/profiles/profile name/installedApps chmod -R g+wr /opt/IBM/WebSphere/AppServer/profiles/profile name/temp chmod -R g+wr /opt/IBM/WebSphere/AppServer/profiles/profile name/tranlog
network deployment installation root/profiles/deployment manager profile name/bin/ ./startManager.sh
Result
You can start a deployment manager process from a non-root user.Related tasks
Running an application server from a non-root user and the node agent
from root
Running an Application Server and node agent from a non-root user
Related reference
wasprofile command