Sun ONE Portal Server 6.2 Installation Guide |
Appendix F
Configuring the Sun ONE Portal Server to Run as User Non-RootThe following optional, post-install procedure describes the steps to configure a Sun ONE Portal Server installation that is running as root user to run as a non-root user. This procedure assumes that the web container and the Sun ONE Directory Server are running as root user.
Note
The Java Enterprise System installer provides a way to install the Sun ONE Directory Server and the Sun ONE Web Server or Sun ONE Application Server to run as a non-root user.
Perform all steps as superuser, except as noted. After installing the Sun ONE Portal Server software, use the following procedure to configure the Sun ONE Portal Server to run as user non-root.
- Change the web container’s user instance from root to a non-root value. Consult your web container’s documentation for instructions on changing the running user.
For example, to change the Sun ONE Web Server’s running user, edit the web-server-install-root/SUNWwbsvr/https-hostname.domain/config/
magnus.conf file.Change the entry User root to User Userid.- Change the web container’s admin instance from root to a non-root value. Consult your web container’s documentation for instructions on changing the running admin user.
For example, to change the Sun ONE Web Server’s admin user, edit the web-server-install-root/SUNWwbsvr/https-admserv/config/magnus.conf file.
Change the entry User root to User Userid.
- Change the Sun ONE Directory Server’s user instance from root to a non-root value. Consult the Sun ONE Directory Server documentation for instructions on changing the running user.
For example, edit the /var/opt/mps/serverroot/slapd-hostname/config/dse.ldif file.
Change nsslapd-localuser: root to nsslapd-localuser: Userid
- Change the Sun ONE Directory Server admin user instance from root to a non-root value. Consult the Sun ONE Directory Server documentation for instructions on changing the running admin user.
For example:
- Change the ownership of the following directories from root to Userid:UserGroup. That is, enter:
- chown -R Userid:UserGroup /opt/SUNWps
- chown -R Userid:UserGroup /etc/opt/SUNWps
- chown -R Userid:UserGroup /var/opt/SUNWps
If you did not use the Java Enterprise System installer to install the Sun ONE Identity Server as non-root, consult the Identity Server documentation for information on changing the Identity Server directories.
- Set the following permissions for the Portal Server directories:
- Restart the directory server as the non-root user.
- Run /etc/init.d/amserver stop.
A non-root user can run identity-server-install-dir/SUNWam/bin/amserver stop.
- Ensure that all of the processes are stopped.
To verify, type:
ps -ef | grep SUNWam
ps -ef | grep directory-server-base-dir
- Kill off any processes that did not get shutdown. As root enter:
/var/opt/mps/serverroot/stop-admin
Launching Sun ONE Portal Server