A data service can declare the application_user resource property to provide a way for the cluster administrator to specify a non-root Solaris user name to be used for execution of application programs by the data service.
If your agent declares the application_user property, it is expected to set the user ID for execution of application programs according to the settings of the application_user resource property and the resource_security cluster property. You can use the scha_check_app_user command to help with this task. See Using the scha_check_app_user Command for more information.
If resource_security is set to COMPATIBILITY, the setting of the application_user resource property is ignored and the application user will be the user ID of the caller (usually root). This behavior is compatible with previous releases of Oracle Solaris Cluster.
If resource_security is set to OVERRIDE, the application_user property is ignored and the application user will be the owner of the application program executable file.
If resource_security is set to SECURE or WARN, the application user will be the value of the application_user resource property; however, if application_user is unset or empty, the application user will be the owner of the application program executable file.