1,126
edits
Difference between revisions of "The command arssockd can only be run by the owner of the command"
Jump to navigation
Jump to search
m
The command arssockd can only be run by the owner of the command (view source)
Revision as of 00:30, 29 April 2015
, 00:30, 29 April 2015Standardized the layout.
m (Added changing file permissions.) |
m (Standardized the layout.) |
||
| Line 1: | Line 1: | ||
{{TOCright}} | |||
== What was the error? == | |||
Message Number: 154 | |||
Message Severity: Error | |||
Message Name: ARS1154E | |||
The command >arssockd< can only be run by the owner of the command | Message Text: The command >arssockd< can only be run by the owner of the command | ||
== Example == | |||
$ arssockd -I ARCHIVE -S | |||
The command >arssockd< can only be run by the owner of the command | |||
Or this message is displayed on the console:<br /> | Or this message is displayed on the console:<br /> | ||
arssockd (ARCHIVE): 04/25/15 18:43:47 0 ARSMSG 2 152 The command >arssockd< can only be run by the owner of the command | |||
== What were you doing? == | |||
Probably trying to start CMOD for the first time after a fresh install, or an upgrade. | Probably trying to start CMOD for the first time after a fresh install, or an upgrade. | ||
== Troubleshooting == | |||
In some systems, the owner of all of the Content Manager OnDemand files installed under /usr/lpp/ars/bin, /opt/ondemand/bin, or /opt/IBM/ondemand/V9.x has been changed to be 'non-root'. This is typically done for security reasons, so that a remote exploit of the OnDemand daemon (arssockd) doesn't immediately provide root privileges to the attacker. After an upgrade, these permissions may have been re-written, and need to be reimplemented. | In some systems, the owner of all of the Content Manager OnDemand files installed under /usr/lpp/ars/bin, /opt/ondemand/bin, or /opt/IBM/ondemand/V9.x has been changed to be 'non-root'. This is typically done for security reasons, so that a remote exploit of the OnDemand daemon (arssockd) doesn't immediately provide root privileges to the attacker. After an upgrade, these permissions may have been re-written, and need to be reimplemented. | ||
| Line 28: | Line 30: | ||
In this case, the UNIX file and group ownership need to be set to match the UNIX user name that will run arssockd. | In this case, the UNIX file and group ownership need to be set to match the UNIX user name that will run arssockd. | ||
-r-xr-xr-x 1 root system 5662247 Sep 4 2013 arsrpt | -r-xr-xr-x 1 root system 5662247 Sep 4 2013 arsrpt | ||
-r-xr-xr-x 1 root system 8795499 Sep 4 2013 arsslu | -r-xr-xr-x 1 root system 8795499 Sep 4 2013 arsslu | ||
| Line 46: | Line 47: | ||
-r-xr-xr-x 1 archive sysadm1 8753959 Sep 4 2013 arstfmt | -r-xr-xr-x 1 archive sysadm1 8753959 Sep 4 2013 arstfmt | ||
-r-xr-xr-x 1 archive sysadm1 4221594 Sep 4 2013 arsview | -r-xr-xr-x 1 archive sysadm1 4221594 Sep 4 2013 arsview | ||
When performing a new installation, ensure that the following parameters all match the user name that the CMOD database runs under: | When performing a new installation, ensure that the following parameters all match the user name that the CMOD database runs under: | ||
| Line 52: | Line 52: | ||
In ars.ini: | In ars.ini: | ||
SRVR_INSTANCE_OWNER=ARCHIVE | |||
In ars.cfg: | In ars.cfg: | ||
DB2INSTANCE=ARCHIVE | |||
'''''Ensure that these parameters both have matching case.''''' If one is set to 'ARCHIVE', and the other is set to 'archive', [[arssockd]] will throw the ARS1154E error. | '''''Ensure that these parameters both have matching case.''''' If one is set to 'ARCHIVE', and the other is set to 'archive', [[arssockd]] will throw the ARS1154E error. | ||