Running the process agent as a non-privileged user (UNIX)

Use this procedure to set up a process agent to run as a non-privileged user on UNIX operating systems.

Procedure

To set up a process agent to run as a non-privileged user on UNIX:

  1. As a root user, locate the process agent start script. The start script is in the /etc/ directory.
  2. As the root user, locate the following entry in the start script.
    This entry is used to start the process agent as a root user.
    if [ "$SECURE" = "Y" ]; then
    ${OMNIHOME}/bin/nco_pad -name ${NCO_PA} -authenticate PAM -
    secure > /dev/null 2> /dev/null
    else
    ${OMNIHOME}/bin/nco_pad -name ${NCO_PA} -authenticate PAM > 
    /dev/null 2> /dev/null
    fi
  3. To start the process agent as a user called netcool, replace the entry that is shown in step 2 with the following entry:
    if [ "$SECURE" = "Y" ]; then
    su - netcool -c "${OMNIHOME}/bin/nco_pad -name ${NCO_PA} -
    authenticate PAM -secure > /dev/null 2> /dev/null"
    else
    su - netcool -c "${OMNIHOME}/bin/nco_pad -name ${NCO_PA} -
    authenticate PAM > /dev/null 2> /dev/null"
    fi

Results

The process agent runs as the local user netcool. The permissions for external actions on the ObjectServer are limited to the privileges of that user on the host computer.