Creating required users for a Db2 pureScale Feature installation
Before you begin
- You must have root user authority to create users and groups.
- If you manage users and groups with security software, additional steps might be required when defining Db2 database users and groups.
About this task
- One user for the instance owner
- A non-root user ID to use a secure shell (SSH) network protocol between hosts in a Db2 pureScale cluster (this user ID can default to be the instance owner)
- One user for the fenced user
A Db2 managed IBM Spectrum Scale requires a non-root user ID to SSH between hosts in the Db2 pureScale cluster. The user ID must be a user without special privileges. It is used by the root account on the local host to execute commands as root on a remote host in the same cluster. This user ID must be created on all hosts.
The user and group names used in this task are the defaults, and are documented in the following table. You can specify your own user and group names as long as they adhere to your system naming rules and Db2 naming rules.
|Required user||User name||Group name|
|Non-root user ID to SSH between hosts||db2ssh1||db2iadm1|
If you plan to use the Db2 Setup wizard to install your Db2 database product, the Db2 Setup wizard creates these users for you.
The user names you create must conform to both to the naming rules of your operating system, and to the rules of the Db2 database system.
To create these users, perform the following steps:
- Log on to a host.
- Create a group for the instance owner and a group
users to run user-defined functions (UDFs) or stored procedures.
Before adding the groups on the first host, select a group ID for each group that does not exist on any of the servers.
Operating System Step AIX® Run the mkgroup command with the id parameter to create the groups db2iadm1 and db2fadm1 with the group ID 999 and 998:
mkgroup id=999 db2iadm1 mkgroup id=998 db2fadm1
Linux® Run groupadd --gid option to create the groups db2iadm1 and db2fadm1 with the group identifiers 999 and 998:
groupadd --gid 999 db2iadm1 groupadd --gid 998 db2fadm1
- Create a
user that belongs to each group that you created
in the previous step. Before adding the users on the first host, choose user ID numbers for both users that do not exist on any of the servers.
Operating System Step AIX Run mkuser to create each user and configure user ID (id), the primary group for the user (pgrp), the complete list of groups the user belongs to (groups), and the home directory of user (home).
mkuser id=1004 pgrp=db2iadm1 groups=db2iadm1 home=/db2home/db2sdin1 core=-1 data=491519 stack=32767 rss=-1 fsize=-1 db2sdin1 mkuser id=1003 pgrp=db2fadm1 groups=db2fadm1 home=/db2home/db2sdfe1 db2sdfe1
Linux Run useradd to create each user, assign the user ID, group, and create the home directory for the user.
useradd -uid 1004 -g db2iadm1 -m -d /db2home/db2sdin1 db2sdin1 useradd -uid 1003 -g db2fadm1 -m -d /db2home/db2sdfe1 db2sdfe1This example uses the default instance owner user name, db2sdin1, and the default fenced user name, db2sdfe1.
- Set an
initial password for each user that you created.
passwd db2sdin1 passwd db2sdfe1
- Log out.
- Log back on with each of the two users you created.
You might be prompted to change the user password for each user because it is the first time the user has logged in.
- Log out.
- Create the exact same user and group accounts on each computer that will participate in your database environment.