[z/OS]

Setting permission for files created by applications

Files created by applications running in the servant will have permission bits set according to the default umask. To change the default umask for the servant, specify the _BPX_BATCH_UMASK environment variable for the servant. Deployment manager and application servers require group read/write access to the data in their config root.

Before you begin

About this task

Deployment manager and application servers require group read/write access to the data in their config root. The server must run with a 007 umask in order to support system management functions. Do not change this umask setting and your server will function correctly.

Use the _BPX_BATCH_UMASK environment variable for the servant to set the umask to 007. You define _BPX_BATCH_UMASK as a new environment variable using the administrative console.

To view the administrative console page, click Environment > WebSphere variables.

To define this new variable using the administrative console, select the appropriate scope from the list of available options and then click New to create the name _BPX_BATCH_UMASK and the desired value. You will need to restart the server to pick up the _BPX_BATCH_UMASK setting.

Evitar Problemas Evitar Problemas:
  • A umask value of 007 causes applications to create directories with permission bits set to 770 and files with permission bits set to 660. This is the value IBM® recommends.
  • BPXBATSL (BPXBATA2) sets the umask based on the value specified for the _BPX_BATCH_UMASK environment variable, if a value has been specified. LE sets the umask from the value specified for _EDC_UMASK_DFLT, if it is present when the C library initializes. If no value is specified for the _BPX_BATCH_UMASK enviroment variable, the umask is set to 007, displacing any value that is set using _EDC_UMASK_DFLT. Therefore you should not use _EDC_UMASK_DFLT to set the umask.
gotcha
Note: See the documents listed in the following steps for more information.

Procedure


Ícone que indica o tipo de tópico Tópico de Tarefa



Ícone de registro de data e hora Última atualização: July 9, 2016 7:56
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=cord&product=was-nd-mp&topic=tsec_settingperm
Nome do arquivo: tsec_settingperm.html