Permission Errors when trying to Read/Write/Execute Files
 Technote (troubleshooting)
 
Problem(Abstract)
Permission errors when IBM® WebSphere® Application Server tries to Read/Write/Execute files, but the user has configured belows to one of the groups that has permission.
 
Cause
WebSphere is designed to run only as the user and group configured (note if no group is sent, we use the user's primary group. Also the user needs to be a member of the group configured).

One example of this issue is an application server throwing a warning when creating the activitiy.log.lck file in the logs directory where the root cause is an OS permission conflict. From the configuration documents sent to IBM we see the server is configured to run as:

runAsUser="Sam" runAsGroup="swg_ibm"

[1/5/05 11:59:36:810 EST] 4407d5 SharedLogWrit E TRAS0005E: Unable to write to the service log. The following exception was encountered com.ibm.ejs.ras.SharedLogLockException: Unable to obtain Shared Log Lock file /opt/WebSphere/AppServer/qa/logs/activity.log.lck

The root cause for this error is:

  • Begin backtrace for nested exception com.ibm.ejs.ras.RasException: unable to create new file
  • Begin backtrace for nested exception
java.security.PrivilegedActionException: java.io.IOException: Permission denied
 
Resolving the problem
When reviewing the OS permission on the logs directory, we can see they are 775 (root, ibm). So these don't match the user or group this server run as, therefore we have to use the other permission's.
There are three solutions you can implement for this issue:
  1. Change the permission's on the logs directory so the application server user/group can write (e.g. 777)
  2. Change the user or group configured in the application server to root or ibm
  3. Change the location of the activity.log for this application server
Now the log and lck files will be in a directory the user/group can read, write and execute.
 
 
Cross Reference information
Segment Product Component Platform Version Edition
Application Servers Runtimes for Java Technology Java SDK
 
 


Document Information


Product categories: Software > Application Servers > Distributed Application & Web Servers > WebSphere Application Server > Security
Operating system(s): AIX
Software version: 6.0
Software edition:
Reference #: 1199321
IBM Group: Software Group
Modified date: Feb 28, 2005