See information about the latest product version
Security requirements for Linux and UNIX platforms
View a summary of the authorizations in a Linux or UNIX environment.
You must add the required user IDs to the appropriate group to enable them to complete the relevant tasks.
Task | Command | Authorization |
---|---|---|
Create, delete or migrate a broker | mqsicreatebroker mqsideletebroker mqsimigratecomponents |
|
Change a broker | mqsichangebroker |
|
Add or remove a broker instance | mqsiaddbrokerinstance mqsiremovebrokerinstance |
|
Backup or restore a broker | mqsibackupbroker mqsirestorebroker |
|
Start a broker, or verify a broker | mqsistart mqsicvp |
|
Stop a broker | mqsistop |
|
Create or delete an execution group | mqsicreateexecutiongroup mqsideleteexecutiongroup |
|
Start or stop a message flow | mqsistartmsgflow mqsistopmsgflow |
|
Create or delete a configurable service | mqsicreateconfigurableservice mqsideleteconfigurableservice |
|
List brokers | mqsilist |
|
Show broker properties | mqsireportbroker mqsireportproperties mqsireportflowmonitoring mqsireportflowstats mqsireportflowuserexits mqsireportresourcestats |
|
Change properties | mqsichangeproperties mqsichangeflowmonitoring mqsichangeflowstats mqsichangeflowuserexits mqsichangeresourcestats |
|
Set and update passwords | mqsisetdbparms |
|
List set parameters that are on a broker | mqsireportdbparms |
|
Report or update a broker mode | mqsimode |
|
Deploy an object to a broker | mqsideploy |
|
Reload a broker, execution groups or security | mqsireload mqsireloadsecurity |
|
Trace a broker | mqsichangetrace mqsireporttrace mqsireadlog mqsiformatlog |
|
Set up symbolic links needed for coordinated transactions | mqsimanagexalinks |
|
Add the mqbrkrs group | mqsisetsecurity |
|
Global cache administration | mqsicacheadmin |
|
Package a BAR file | mqsipackagebar |
|
Create or modify a web user account | mqsiwebuseradmin |
|
User is...1 | Command Used | Local domain (WORKSTATION) |
---|---|---|
Running a broker (WebSphere MQ non-trusted application) (login ID). |
|
|
Running a broker (WebSphere MQ trusted application) (login ID). |
|
|
- Set the following permissions on all input queues:
setmqaut -m MB8BROKER -n TEST_INPUT -t queue -g mqbrkrs +get +inq
- Set the following permissions on all output queues:
setmqaut -m MB8BROKER -n TEST_OUTPUT -t queue -g mqbrkrs +put +inq +setall
- You might also need to add +passid +passall +setid +setall, depending on your requirements.