This topic applies only on the z/OS operating system.

Setting permission for files created by applications

Files created by applications running in the servant will have permission bits set according to the default umask. To change the default umask for the servant, specify the _BPX_BATCH_UMASK environment variable for the servant. Deployment manager and application servers require group read/write access to the data in their config root.

About this task

Deployment manager and application servers require group read/write access to the data in their config root. The server must run with a 007 umask in order to support system management functions. Do not change this umask setting and your server will function correctly.

Use the _BPX_BATCH_UMASK environment variable for the servant to set the umask to 007. You define _BPX_BATCH_UMASK as a new environment variable using the administrative console.

To view the administrative console page, click Environment > WebSphere variables.

To define this new variable using the administrative console, select the appropriate scope from the list of available options and then click New to create the name _BPX_BATCH_UMASK and the desired value. You will need to restart the server to pick up the _BPX_BATCH_UMASK setting.

Recommendation: A umask value of 007 will cause applications to create directories with permission bits set to 770 and files with permission bits set to 660. This is the value recommended by IBM®.

Note: See the documents listed in the steps below for more information.

Procedure




In this information ...


Related reference

IBM Redbooks, demos, education, and more

(Index)

Use IBM Suggests to retrieve related content from ibm.com and beyond, identified for your convenience.

This feature requires Internet access.

Task topic    

Terms of Use | Feedback

Last updated: Oct 21, 2010 10:04:34 PM CDT
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=compass&product=was-nd-mp&topic=tsec_settingperm
File name: tsec_settingperm.html