Difference between revisions of "The command arssockd can only be run by the owner of the command"

From CMOD.wiki
Jump to navigation Jump to search
m (Moved memo about case sensitivity higher up for better visibility.)
m (Corrected error number from 1154 to 0152.)
Line 3: Line 3:
== What was the error? ==  
== What was the error? ==  


Message Number:  154
Message Number:  152


Message Severity:  Error (Corrective action is required to continue)
Message Severity:  Error (Corrective action is required to continue)


Message Name:  ARS1154E
Message Name:  ARS0152E


Message Text:  The command >arssockd< can only be run by the owner of the command
Message Text:  The command >arssockd< can only be run by the owner of the command

Revision as of 19:17, 12 August 2016

What was the error?

Message Number: 152

Message Severity: Error (Corrective action is required to continue)

Message Name: ARS0152E

Message Text: The command >arssockd< can only be run by the owner of the command

Example

$ arssockd -I ARCHIVE -S
The command >arssockd< can only be run by the owner of the command

Or this message is displayed on the console:

arssockd (ARCHIVE): 04/25/15 18:43:47 0 ARSMSG  2 152 The command >arssockd< can only be run by the owner of the command

What were you doing?

Probably trying to start CMOD for the first time after a fresh install, or an upgrade.

Troubleshooting

In some systems, the owner of all of the Content Manager OnDemand files installed under /usr/lpp/ars/bin, /opt/ondemand/bin, or /opt/IBM/ondemand/V9.x has been changed to be 'non-root'. This is typically done for security reasons, so that a remote exploit of the OnDemand daemon (arssockd) doesn't immediately provide root privileges to the attacker. After an upgrade, these permissions may have been re-written, and need to be reimplemented.

In this case, the UNIX file and group ownership need to be set to match the UNIX user name that will run arssockd. 

-r-xr-xr-x    1 root     system      5662247 Sep  4 2013  arsrpt
-r-xr-xr-x    1 root     system      8795499 Sep  4 2013  arsslu
-r-xr-xr-x    1 root     system      7289800 Sep  4 2013  arssockd
-r-xr-xr-x    1 root     system      4394507 Sep  4 2013  arssyscr
-r-xr-xr-x    1 root     system      7082704 Sep  4 2013  arstblsp
-r-xr-xr-x    1 root     system      8753959 Sep  4 2013  arstfmt
-r-xr-xr-x    1 root     system      4221594 Sep  4 2013  arsview 

$ chown archive:sysadm1 ars* 

-r-xr-xr-x    1 archive  sysadm1     5662247 Sep  4 2013  arsrpt
-r-xr-xr-x    1 archive  sysadm1     8795499 Sep  4 2013  arsslu
-r-xr-xr-x    1 archive  sysadm1     7289800 Sep  4 2013  arssockd
-r-xr-xr-x    1 archive  sysadm1     4394507 Sep  4 2013  arssyscr
-r-xr-xr-x    1 archive  sysadm1     7082704 Sep  4 2013  arstblsp
-r-xr-xr-x    1 archive  sysadm1     8753959 Sep  4 2013  arstfmt
-r-xr-xr-x    1 archive  sysadm1     4221594 Sep  4 2013  arsview

When performing a new installation, ensure that the following parameters all match the user name that the CMOD database runs under:

Ensure that these parameters both have matching case. If one is set to 'ARCHIVE', and the other is set to 'archive', arssockd will throw the ARS1154E error.


In ars.ini: 

SRVR_INSTANCE_OWNER=ARCHIVE

In ars.cfg: 

DB2INSTANCE=ARCHIVE
Retrieved from "https://CMOD.wiki/index.php?title=The_command_arssockd_can_only_be_run_by_the_owner_of_the_command&oldid=374"