DX NetOps

 View Only
  • 1.  Installed CA PM - Data Aggregator as non-root user

    Posted Jul 09, 2019 09:46 AM
    Hello,

    I am installing CA PM 3.7, fault tolerant environment.

    Although I can run the installation as a root user, the application and services will never be owned by root user but another user (pmadmin).

    I have installed both DA but I can't access the rest portal of the primary DA. Both installations were successful (0 errors) but I see some problems when restarting the dadaemon (it has to be killed by the scripts because can't shut down properly) and there are some errors about permissions in the karaf log.

    If the user pmadmin belongs to the root group,I can run the application as pmadmin user and access the rest portal and hence go for the integration between PC and DA... but as I said, the customer doesn't allow this.

    I need to grant root permissions to the user pmadmin but I don't know which commands I should put in the file sudoers. the user pmadmin will never be root/admin and will not belong to the group root.

    Can anyone help me?

    Thanks a lot for the help.

    Regards,

    Inigo.

    ------------------------------
    Inigo.
    ------------------------------


  • 2.  RE: Installed CA PM - Data Aggregator as non-root user

    Posted Jul 10, 2019 03:11 AM
    Inigo

    Normally this sort of problem is associated with file permissions, as you did the install as root but running the processes as a "lesser" user.

    First check that your pmadmin user is the owner of ALL the files in the install directory tree
    then look at pid files, and log files outside this this directory tree that are created when the processes are started.
    Are you using system V, or systemd to start the processes.

    Most of the time it is 1 of these non install directory tree files that is created on the first process start that is causing the problem, you just need to find it (hence looking at pid, lock and log files for the running processes first).

    Cheers, Andrew

    ------------------------------
    Knows a little about UIM/DXim
    ------------------------------



  • 3.  RE: Installed CA PM - Data Aggregator as non-root user

    Posted Jul 10, 2019 09:15 AM
    Hello Andrew,

    thanks for the reply.
    I changed the ownership of the install direcotory (IMDataAggregator/) to pmadmin:root
    I also changed the permissions of the direcotry (777)

    activemq is run by pmadmin user.
    consul is run by root user (as well on DA Proxy)

    Under the install directory there is only one pid file: ../IMDataAggregator/broker/apache-activemq-5.15.8/data/activemq.pid.... the pid is run by pmadmin.

    I also changed the owenership of the files dadaemon.service, activemq.service, consul.service, consul-ext.service to pmadmin:root

    After all the changes, I don't succeed.
    To start the processes I use the default script (dadaemon and activemq) which is found in ../IMDataAggregator/scripts:

    ./dadaemon stat|stop|maintenance|activate
    ./activemq start|stop

    if I raise the permissions for pmadmin (by adding pmadmin to root user, the application works, but it is not what customer wants).

    Many thanks for the help.

    Inigo.