ASG
IBM
Zystems
Cressida
Icon
Netflexity
 
  MQSeries.net
Search  Search       Tech Exchange      Education      Certifications      Library      Info Center      SupportPacs      LinkedIn  Search  Search                                                                   FAQ  FAQ   Usergroups  Usergroups
 
Register  ::  Log in Log in to check your private messages
 
RSS Feed - WebSphere MQ Support RSS Feed - Message Broker Support

MQSeries.net Forum Index » WebSphere Message Broker (ACE) Support » user conflict while creating log files using log4j

Post new topic  Reply to topic
 user conflict while creating log files using log4j « View previous topic :: View next topic » 
Author Message
sk_gladiator
PostPosted: Thu Jun 24, 2010 11:56 pm    Post subject: user conflict while creating log files using log4j Reply with quote

Newbie

Joined: 24 Jun 2010
Posts: 1
Hi All

we are trying to create logfiles (written in JCN) using log4j through a message broker flow.

things are working fine, but issue is the AIX box, we have been given a user id for the environment and the file is created under mqbrkrs user for which we have no access. Client is not willing to add our user to the mqbrkrs group.

due to which we are not able to read the files created (permission denied)

is there any way that the log4j can specify the user through which we can create the logfiles.

thanks in advance please
Sk
Back to top
View user's profile Send private message Send e-mail
smdavies99
PostPosted: Fri Jun 25, 2010 1:07 am    Post subject: Re: user conflict while creating log files using log4j Reply with quote

Jedi Council

Joined: 10 Feb 2003
Posts: 6076
Location: Somewhere over the Rainbow this side of Never-never land.
sk_gladiator wrote:
Client is not willing to add our user to the mqbrkrs group.


This is IMHO, a very sensible stance to take.

What they can do is give everyone read access to the directory where the logs are created. This way, your sticky fingers can read the file(s) but can't change anything.

Adding your user(s) to the mqbrkrs group is very dangerous. Do you really want to give your users the rights to delete the broker?

There could quite well be other solutions to this problem depending upon the security packages used on your AIX box.

As an ex Unix/Linux SysAdmin I can't really undertand the reluctance of SysAdmins to let users have read access to things like the Broker & WMQ logs especially in DEV environments. One place I worked in refused this even in DEV and to get even a snapshot required you to raise a service ticket.
_________________
WMQ User since 1999
MQSI/WBI/WMB/'Thingy' User since 2002
Linux user since 1995

Every time you reinvent the wheel the more square it gets (anon). If in doubt think and investigate before you ask silly questions.
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic  Reply to topic Page 1 of 1

MQSeries.net Forum Index » WebSphere Message Broker (ACE) Support » user conflict while creating log files using log4j
Jump to:  



You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
Protected by Anti-Spam ACP
  
 


Theme by Dustin Baccetti
Powered by phpBB © 2001, 2002 phpBB Group

Copyright © MQSeries.net. All rights reserved.