When performing configuration after installation, you can assign a non-root runtime user or group to some component products. For example, you might be deploying Access Manager in an instance of Web Server that is not owned by root.
For purposes of installation to administration, there are many reasons to configure a component with a non-root identifier. You can find examples of using a non-root identifier in Non-Root Examples.
The following sections provide information on configuring the applicable components with non-root identifiers.
You must be root to run the Java ES installer. Because of this, all files placed on the machine by the installer are owned by root.
To configure Administration Server with a non-root ID, use the mpsadmserver configure command. See the Sun Java System Administration Server 5 2005Q1 Administration Guidefor more details.
If you are running the Administration Server as non-root, consider using the same user and group IDs for both the Administration Server as well as the products that are dependant upon it.
If Directory Server has already been installed, the Administration Server will automatically be owned by the same user and group IDs as applied to the Directory Server.
To configure Application Server with a non-root ID, you can set up an entire administrative domain owned and operated by a non-root user.
Log in to the host using a non–root user ID.
Run the asadmin create-domain command with the --domaindir option, pointing to the directory where you have write permissions. For example:
/opt/SUNWappserver/appserver/bin ./asadmin create-domain --domaindir /export/domains --adminport 5050 --adminuser admin --passwordfile /tmp/passwordfile --instanceport 9090 domain2
In this example domain2 directory will be created under /export/domains
Start this domain using the --domaindir option again. For example:
/opt/SUNWappserver/appserver/bin ./asadmin start-domain --domaindir /export/domains --user admin --passwordfile /tmp/passwordfile domain2
For more information, see the Sun Java System Application Server Enterprise Edition 8.1 2005Q2 Administration Guide.
To configure Calendar Server with a non-root ID, use the Calendar Server configurator. See the Sun Java System Calendar Server 6 2005Q4 Administration Guide) for details.
To configure Directory Proxy Server with a non-root ID, become superuser and run the quickstart.tcl script. This script adopts the user ID specified for the Administration Server so, when Administration Server uses a non-root user ID, Directory Proxy Server will as well.
Use the Directory Server configurator to configure Directory Server with a non-root ID. Install the Directory Server packages using the Configure Later option. After running the installer, set the default Directory Server version to 5.2. Run the Directory Server configurator and specify a non-root user ID. Select a port number greater than 1024.
To configure Messaging Server with a non-root ID, use the Messaging Server configurator. See the Sun Java System Messaging Server 6 2005Q4 Administration Guide for details.
To configure Portal Server with a non-root ID, use the Portal Server configurator. Instructions for running the configurator as well as descriptions of the settings used are contained in the Postinstallation Configuration chapter of the Sun Java System Portal Server 6 2005Q4 Administration Guide.
To configure Web Server with a non-root ID, use the Web Server configurator. See Web Server Postinstallation Configuration.