The root user can grant write permission of the appropriate files and directories to a non-root user. The non-root user can then create the profile. The root user can create a group for users who are authorized to create profiles, or the root user can give individual users the ability to create profiles. The following example shows how to create a group that is authorized to create profiles.
Before you begin
This task assumes a basic familiarity with system commands.You must have root authority to accomplish the following tasks.
Why and when to perform this task
Have the root user perform the following steps to create a group that is authorized to create profiles.
Steps for this task
mkdir /opt/IBM/WebSphere/AppServer/logs/wasprofile
C:\opt\IBM\WebSphere\AppServer\logs\wasprofile
chgrp profilers /opt/IBM/WebSphere/AppServer/logs/wasprofile chmod g+wr /opt/IBM/WebSphere/AppServer/logs/wasprofile chgrp profilers /opt/IBM/WebSphere/AppServer/properties chmod g+wr /opt/IBM/WebSphere/AppServer/properties chgrp profilers /opt/IBM/WebSphere/AppServer/properties/fsdb chmod g+wr /opt/IBM/WebSphere/AppServer/properties/fsdb chgrp profilers /opt/IBM/WebSphere/AppServer/properties/profileRegistry.xml chmod g+wr /opt/IBM/WebSphere/AppServer/properties/profileRegistry.xml
chgrp profilers /opt/IBM/WebSphere/AppServer/properties/Profiles.menu chmod g+wr /opt/IBM/WebSphere/AppServer/properties/Profiles.menuThe profilers group is given read and write permission to the listed directories and their files. These are the only directories in the installation root of WebSphere Application Server to which a non-root user needs to write.
\opt\IBM\WebSphere\AppServer\logs\wasprofile
C:\opt\IBM\WebSphere\AppServer\properties
C:\opt\IBM\WebSphere\AppServer\properties\fsdb
C:\opt\IBM\WebSphere\AppServer\properties\profileRegistry.xml
These
are the only directories in the installation root of WebSphere Application
Server to which a non-root user needs to write.Some of the files in the directories in the preceding list are created when creating the profile. So it is impossible to assign ownership of the files. However, assigning ownership of the directories allows the non-root user to create the file. Such files include:
/opt/IBM/WebSphere/AppServer/properties/fsdb /opt/IBM/WebSphere/AppServer/properties/profileRegistry.xml
C:\opt\IBM\WebSphere\AppServer\properties\fsdb C:\opt\IBM\WebSphere\AppServer\properties\profileRegistry.xml
You might have to change the permissions on additional files if the non-root user encounters permission problems. For example, if you allow a non-root user to delete a profile, the user might have to delete the following file:
installation_root/properties/profileRegistry.xml_LOCK
installation_rootC:\properties\profileRegistry.xml_LOCK
Result
The root user created the profilers group and gave the group proper permissions to create a profile.What to do next
Have the non-root user that belongs to the profilers group create a profile in a directory that the non-root user owns and to which the non-root user has write permission, but not in the installation root directory of the product.Related reference
wasprofile command