You can use the scha_check_app_user command to obtain the configured application user name for a resource that is under the control of the RGM, and check the ownership and permissions on an executable file. The executable file is typically an application program that is intended to be executed by a method or monitor of the resource, using a wrapper such as su(1M) to set the user ID to the configured user. The resource method or monitor should invoke scha_check_app_user prior to execution of the application program. Depending on the output of scha_check_app_user, the method or monitor should return an error or output a warning message if security-related problems are detected.
See the scha_check_app_user(1HA ) man page for more information.