WebSphere is designed to run only as the user and group
configured (note if no group is sent, we use the user's primary group.
Also the user needs to be a member of the group configured).
One example of this issue is an application server throwing a warning
when creating the activitiy.log.lck file in the logs directory where the
root cause is an OS permission conflict. From the configuration documents
sent to IBM we see the server is configured to run as:
runAsUser="Sam" runAsGroup="swg_ibm"
[1/5/05 11:59:36:810 EST] 4407d5 SharedLogWrit E TRAS0005E: Unable to
write to the service log. The following exception was encountered
com.ibm.ejs.ras.SharedLogLockException: Unable to obtain Shared Log Lock
file /opt/WebSphere/AppServer/qa/logs/activity.log.lck
The root cause for this error is:
- Begin backtrace for nested exception com.ibm.ejs.ras.RasException:
unable to create new file
- Begin backtrace for nested exception
java.security.PrivilegedActionException: java.io.IOException: Permission
denied |