Use this procedure to set up a process agent to run as
a non-privileged user on UNIX operating systems.
Procedure
To set up a process agent to run as a non-privileged
user on UNIX:
- As a root user, locate the process agent start script.
The start script is in the /etc/ directory.
- As the root user, locate the following entry
in the start script. This entry is used to start the process
agent as a root user.
if [ "$SECURE" = "Y" ]; then
${OMNIHOME}/bin/nco_pad -name ${NCO_PA} -authenticate PAM -
secure > /dev/null 2> /dev/null
else
${OMNIHOME}/bin/nco_pad -name ${NCO_PA} -authenticate PAM >
/dev/null 2> /dev/null
fi
- To start the process agent as a user called "netcool", replace the entry that is shown in step 2 with
the following entry:
if [ "$SECURE" = "Y" ]; then
su - netcool -c "${OMNIHOME}/bin/nco_pad -name ${NCO_PA} -
authenticate PAM -secure > /dev/null 2> /dev/null"
else
su - netcool -c "${OMNIHOME}/bin/nco_pad -name ${NCO_PA} -
authenticate PAM > /dev/null 2> /dev/null"
fi
Results
The process agent runs as the local user netcool. The permissions
for external actions on the ObjectServer are limited to the privileges
of that user on the host computer.