Sun Java System Application Server Enterprise Edition 8.2 High Availability Administration Guide

Node Supervisor Processes Privileges

The node supervisor processes (NSUP) ensure the availability of HADB by exchanging “I’m alive” messages with each other. The NSUP executable files must have root privileges so they can respond as quickly as possible. The clu_nsup_srv process does not consume significant CPU resources, has a small footprint, and so running it with real-time priority does not affect performance.

Note –

The Java Enterprise System installer automatically sets the NSUP privileges properly, so you do not need to take any further action. However, with the standalone Application Server (non-root) installer, you must set the privileges manually before creating a database.

Symptoms of Insufficient Privileges

If NSUPs do not have the proper privileges, you might notice symptoms of resource starvation such as:


If NSUP cannot set the real-time priority errno is set to EPERM on Solaris and Linux. On Windows it issues the warning “Could not set real-time priority”. The error is written to the ma.log file, and the process continues without real-time priority.

Setting real-time priorities is not possible when:

ProcedureTo Give Node Supervisor Processes Root Privileges

  1. Log in as root.

  2. Change your working directory to HADB_install_dir/lib/server.

    The NSUP executable file is clu_nsup_srv .

  3. Set the file’s suid bit with this command:

    chmod u+s clu_nsup_srv

  4. Set the file’s ownership to root with this command:

    chown root clu_nsup_srv

    Thus, the clu_nsup_srv process will run as root, and it will be able to give itself real-time priority.

    To avoid any security impact, the real-time priority is set immediately after the process is started and the process falls back to the effective UID once the priority has been changed. Other HADB processes run with normal priority.