Configuring Run-As for UNIX Engines

GridServer uses engine PAM authentication service instead of system PAM authentication. Refer to your UNIX-specific PAM configuration instructions to ensure that the Run-As user is properly authenticated.

To set up the dsengine PAM service for Linux, copy the auth and account sections from the login service, dropping the secure tty module. For example:

login
#%PAM-1.0
auth required pam_securetty.so
auth include common-auth
auth required pam_nologin.so
auth required pam_mail.so
account include common-account
password include common-password
session include common-session
session required pam_resmgr.so
dsengine
#%PAM-1.0
auth include common-auth
auth required pam_nologin.so
account include common-account

For additional information, see the utilities/testpam2 section of the DataSynapse Customer Support website.

Start the Engine:

   ./engine.sh start

For Linux and Linux64, change mode of all files to be group read/writable:

   find . | xargs chmod g+u

3. Change ownership of the invokeRA program to root, and change it to be set UID:

   sudo chown root bin/invokeRA 
   sudo chmod +s bin/invokeRA

Set the Engine user’s umask to make these permissions the default:

   umask 002

Note that for UNIX engines, the Run-As user’s account must be in the same group as the Engine user’s account.

For more information about using Run-As, see the TIBCO GridServer® Administration.

Did you find this helpful?

Yes No