The
non-root can receive permissions for files and directories so that
the non-root user can create and augment a profile.
Before you begin
This task assumes a basic familiarity with the manageprofiles command and
system commands.
Best practice: ![[Updated in September 2012]](../../delta.gif)
IBM recommends starting processes
that run on the same profile with user IDs that have mutually compatible
file permissions, meaning that each process can read or updated files
that the other processes create. This ensures that the processes can
access the same files without encountering a permission-denied error.
For example, if you run the deployment manager as user
wasuser and
then also run the command line tool to generate plug-ins on that same
profile, you should run the tool as user
wasuser.
![[Updated in September 2012]](../../deltaend.gif)
sep2012
bprac
Tip: In WebSphere
® Application Server Version 7.0.0.23
and later, files created by an Administrator outside of the
Program
Files directory are usable by non-Administrators. This
allows an Administrator to create a profile outside of the WebSphere Application Server
installation and have a non-Administrator manage the profile. To use
this functionality, perform the following actions:
- Install WebSphere Application
Server to a directory that has no default write permissions for non-Administrators—C:\Program
Files (x86) for example.
- Install the Version 7.0.0.23 or later fix pack using Installation
Manager.
- Modify the app_server_root/properties/wasprofile.properties file.
The following should have been added by the fix pack to the bottom
of the file:
#-----------------------------------------------------------------------
# Specify if enhanced/fixed Apache ant task behaviour should be used.
#
# Note that this only has effect on Windows platforms.
#-----------------------------------------------------------------------
WS_USE_ENHANCED_OPENSOURCE_BEHAVIOUR=false
Simply change
the value of WS_USE_ENHANCED_OPENSOURCE_BEHAVIOUR to
true, and you can take advantage of this feature. For example:
- Launch the Profile Management Tool to create a profile.
- When creating the profile, select the advanced flow.
- Set the profile path to somewhere outside the C:\Program
Files (x86) directory (or whichever directory was used
for the installation) where non-Administrators have default write
permissions—C:\Profiles\AppSrv01 for example.
- Make sure that you do not use a Windows service
when creating the profile.
- Make sure that the app_server_root/bin/setupCmdLine.bat file
has read permissions for non-Administrators.
- You should be able to log in with a non-Administrator ID and start
the server.
About this task
Non-root users might typically need these tasks completed
so that they can start their own application servers in development
environments. For instance, an application developer might test an
application on a application server in a profile assigned to that
application developer.
Procedure
Results
Depending on the tasks that the installer followed,
the installer has completed the following actions:
- Created
and optionally augmented a profile for a non-root user and assigned
ownership of the profile directory to the non-root user
- Granted
permission to the appropriate directories so that non-root users can
create and augment profiles
- After installing maintenance, changed ownership of new profile
files in a directory that is owned by a non-root user, so that the
non-root user can successfully start the application server
What to do next
Depending
on the tasks that the installer completes, a non-root user can create
and augment a profile, start WebSphere Application
Server, or do both.