WebSphere Application Server Network Deployment, Version 6.0.x   Operating Systems: AIX, HP-UX, Linux, Solaris, Windows
             [TIP: Focusing the table of contents and search results]

Securing WebSphere MQ messaging directories and log files

Use this task to restrict access to the /var/mqm directories and log files needed for WebSphere MQ as a JMS provider.

About this task

Note: The /var file system is used to store all the security logging information for the system, and is used to store the temporary files for email and printing. Therefore, it is critical that you maintain free space in /var for these operations and prevent unauthorized access to the file system. If you do not create a separate file system for messaging data, and /var fills up, all security logging will be stopped on the system until some free space is available in /var. Also, email and printing will no longer be possible until some free space is available in /var.

This procedure involves steps that you complete at different stages of installing and using IBM WebSphere Application Server, as described below. The steps are also described at appropriate points in other tasks, but are collected here for completeness.

Procedure

  1. Before installing WebSphere MQ, create and mount a file system called /var/mqm. This means that other system activity is not affected if a large amount of messaging work builds up in /var/mqm.
  2. Install WebSphere MQ as a messaging provider.

    As part of this stage, the installation program creates the /var/mqm/errors directory used to hold messaging logging files as well as the directories used to hold the messaging data. During the installation process these directories are secured with a default set of security attributes to prevent unauthoised access. If you change these permissions you should ensure that the permissions specified give WebSphere MQ messaging the required access.




Related tasks
Running an application server from a non-root user and the node agent from root
Running an Application Server and node agent from a non-root user
Using the JMS resources provided by WebSphere MQ
Task topic    

Terms of Use | Feedback

Last updated: Mar 8, 2007 8:14:28 PM CST
http://publib.boulder.ibm.com/infocenter/wasinfo/v6r0/index.jsp?topic=/com.ibm.websphere.nd.doc/info/ae/ae/tmj_secmqm.html

© Copyright IBM Corporation 2002, 2006. All Rights Reserved.
This information center is powered by Eclipse technology. (http://www.eclipse.org)