On the UNIX® system and on Linux®, CM Server by default runs as root.
You may change the identity to a user with minimal privileges. The name and
group of this user will vary from platform to platform (for example, a specific
user name or nobody.nobody). Note that because the non-root user has less
privileges, some files must be made writeable for everyone in order to allow
WebSphere Application Server to function properly.
To
change CM Server to run as a different user:
- Edit the User and Group line
in httpd.conf. The following line configures CM Server
to run as cmserveruser.other:
User cmserveruser
Group other
- Edit /opt/IBM/RationalSDLC/common/CM/bin/cmserver_startup (or /opt/ibm/RationalSDLC/common/CM/bin/cmserver_startup on Linux) and change this line:
./startServer.sh server1 > $cmserver_home/logs/was_start.log
2>&1
to
su cmserveruser -c "./startServer.sh
server1 > $cmserver_home/logs/was_start.log 2>&1"
- Add write permission to the following WebSphere® Application Server log files:
- chmod o+w $cmserver_home/logs/was_start.log (if this file exists)
- chmod o+w $cmserver_home/profiles/cmprofile/logs/server1/*
- chmod o+w $cmserver_home/profiles/cmprofile/tranlog/DefaultNode/DefaultNode/server1/transaction/tranlog/*
- chmod o+w $cmserver_home/profiles/cmprofile/tranlog/DefaultNode/DefaultNode/server1/transaction/partnerlog/*
- Stop and restart CM Server.