Configuring Connect:Direct for UNIX Using Root Privilege
The Connect:Direct for UNIX Process Manager and Session Managers run as root to support Connect:Direct's user impersonation model. Before Connect:Direct accesses a source or destination file or executes a run task or a run job, it performs a programmatic logon to assume the identity of the appropriate user. This model enables a Connect:Direct user to use file system permissions to tightly control access to the user's data files. Supporting this model requires Connect:Direct to run as root.
You must create the SACL file and set the owner and permissions of the IBM® Connect:Direct® executables to run Connect:Direct for UNIX.
To configure the SACL file:
- If you know the root password or if a system administrator is standing by who knows the root password, select option 4.
If you do not know the root password, but are authorized to gain root authority using sudo or a similar utility, type 5 to exit the
Connect:Direct for UNIX customization script.
A message is displayed to warn you that the SACL was not configured.
Read the information displayed and press Enter.
A message is displayed to notify you of the creation of the test configuration.
- To exit the customization, type n and press Enter.
- If you did not select option 4 above, type cdcust (located in /<product install directory>/etc) using sudo to become root before creating the SACL and setting the owner and permissions of the executables.