Establish process ownership

When a user other than the superuser root starts Caching Proxy, that user maintains ownership of all of the processes that are associated with the proxy server.

If Caching Proxy is started by the superuser root, a set user ID function within the proxy server reads the UserId and GroupId directives in the ibmproxy.conf file and changes process ownership to the specified user and group. This change is done to limit file access and protect the computer system. If you change the UserId or GroupId directives, you must update the ownership and permissions for log directories and other files, such as an access control list (ACL), that are used by the proxy server.

Establish the ownership of the proxy server process by specifying the user identification, group identification, and location of the file in which the process ID is recorded as values for the UserID, GroupID, and PidFile directives.

To force the proxy server process to run as foreground process, set the value of the NoBG directive to on.

On Linux systems:

On Linux systems, only processes and threads responsible for listening for connections have their ownership changed. Processes and threads responsible for other activities within the workflow will still be owned by root. All processes and threads receive process ID (PID) numbers. The ps command lists all process IDs, regardless of whether they are associated with a process or thread.
Note: On some Linux kernels, Caching Proxy may generate the following error message in its error log:
Cannot init groups for user nobody, errno: 1
You can disregard the error message because there is no affect on the normal operation of Caching Proxy. There is also a workaround to avoid the error message by exporting the following environment variables before starting the Caching Proxy:
export RPM_FORCE_NPTL=1 	
export LD_ASSUME_KERNEL=2.4.19:

Configuration and Administration forms

The following Configuration and Administration forms edit the values of the associated directives:

  • Server Configuration –> Basic Settings –> UserID
  • Server Configuration –> Basic Settings –> GroupID
  • Server Configuration –> Basic Settings –> Process ID file location
Note: You cannot use the Configuration and Administration forms to edit the NoBG directive.

Icon that indicates the type of topic Reference topic



Timestamp icon Last updated: March 23, 2018 0:18
File name: est_owner.html