Assigning profile ownership to a non-root user
An installer can create a profile and assign ownership of the profile directory to a non-root user so that the non-root user can start the product for a specific profile.
Before you begin
This task assumes a basic familiarity with the manageprofiles command and system commands.
Before you can create a profile, you must install the product.
About this task
Have the installer perform the following steps to create a profile and assign ownership for the profile directory and the logs directory. The ownership is assigned to a non-root user ID that is different from the installer ID. The non-root user needs access to these directories to start the product.
This example creates a default profile.
The commands are split on multiple lines for printing purposes.
Procedure
Results
The installer has created a default profile and changed ownership of the profile directory and log directory to a non-root user.
What to do next
A non-root user ID can manage multiple profiles
and can run the same tasks as a root user . For a particular profile, use the same non-root user ID
to manage the entire profile. This guidance applies whether the profile is the deployment manager, a
profile that contains the application servers and the node agent, or a custom profile. Profile
management includes running any command-line scripts that might act on the profile, such as
startServer.sh
, wsadmin.sh
, syncNode.sh
,
managesdk.sh
, and manageprofile.sh
. Running these scripts with an
alternative user ID, such as a root user ID, might cause other scripts to fail due to mismatched
file permissions. In general, start any processes that run on a profile from the same user ID, or
from user IDs with compatible file permissions. For example, if you run the deployment manager as
the wasuser user ID and then also run the command line tool to generate plug-ins
on that same profile, run the tool as wasuser
A different user ID can be used for each profile in a cell, whether or not global security or administrative security is enabled. The user IDs within a cell can be a mix of root and non-root user IDs. For example, the root user might manage the deployment manager profile, while a non-root user might manage a profile that contains application servers and the node agent, or vice versa. However, typically, either a root user or a non-root user manages all the profiles in a particular cell.