ASG
IBM
Zystems
Cressida
Icon
Netflexity
 
  MQSeries.net
Search  Search       Tech Exchange      Education      Certifications      Library      Info Center      SupportPacs      LinkedIn  Search  Search                                                                   FAQ  FAQ   Usergroups  Usergroups
 
Register  ::  Log in Log in to check your private messages
 
RSS Feed - WebSphere MQ Support RSS Feed - Message Broker Support

MQSeries.net Forum Index » WebSphere Message Broker (ACE) Support » Starting User Trace on AIX Throws Errors

Post new topic  Reply to topic Goto page 1, 2  Next
 Starting User Trace on AIX Throws Errors « View previous topic :: View next topic » 
Author Message
EricCox
PostPosted: Wed Jan 16, 2013 9:40 am    Post subject: Starting User Trace on AIX Throws Errors Reply with quote

Master

Joined: 08 Apr 2011
Posts: 292

To all,

On WMB 7.0 I try to start a trace and receive this set of errors.

Am I missing paths or environment variables?

I am logging on with my own user and .profile. It is pretty default stuff right now.

exec(): 0509-036 Cannot load program /opt/IBM/mqsi/7.0/bin/mqsichangetrace because of the following errors:
0509-150 Dependent module libImbCmdLib.a(libImbCmdLib.a.so) could not be loaded.

Here are the two commands I run to start the trace:
mqsichangetrace BROKER7 -u -e EGTest -r

mqsichangetrace BROKER7 -u -e EGTest -l debug -c 200000


Thanks,
Eric
Back to top
View user's profile Send private message
mqjeff
PostPosted: Wed Jan 16, 2013 9:53 am    Post subject: Reply with quote

Grand Master

Joined: 25 Jun 2008
Posts: 17447

you didn't source mqsiprofile.
Back to top
View user's profile Send private message
EricCox
PostPosted: Wed Jan 16, 2013 9:55 am    Post subject: Source mqsiprofile Reply with quote

Master

Joined: 08 Apr 2011
Posts: 292

Here is what I run and what comes back:
n099999@abkrrib00001d01:/home/n016438$ . /opt/IBM/mqsi/7.0/bin/mqsiprofile

MQSI 7.0.0.1
/opt/IBM/mqsi/7.0

Now when I try to run the trace I get:
Failed to open file /var/mqsi/registry/%1/HASharedWorkPath with error The file access permissions do not allow the specified action.
BIP2113E: Message broker internal error: diagnostic information ''The file access permissions do not allow the specified action.'', '13', ''/var/mqsi/registry/%1/HASharedWorkPath''.
An internal software error has occurred in the message broker. Further messages will indicate the effect of this error on the broker's transactions.
Shutdown and restart the message broker. If the problem continues to occur, then restart the system. If the problem still continues to occur contact your IBM support center.

BIP8081E: An error occurred while processing the command.
An error occurred while the command was running; the command has cleaned up and ended.


Last edited by EricCox on Wed Jan 16, 2013 10:14 am; edited 1 time in total
Back to top
View user's profile Send private message
mqjeff
PostPosted: Wed Jan 16, 2013 10:13 am    Post subject: Reply with quote

Grand Master

Joined: 25 Jun 2008
Posts: 17447

sounds like you're not authorized to administer the broker.
Back to top
View user's profile Send private message
EricCox
PostPosted: Wed Jan 16, 2013 10:15 am    Post subject: Authorized Reply with quote

Master

Joined: 08 Apr 2011
Posts: 292

How do I get authorized?

Is it a group assignment? I'll be happy to read if you can point me to a doc.

Thanks a bunch Jeff!
Back to top
View user's profile Send private message
mqjeff
PostPosted: Wed Jan 16, 2013 10:24 am    Post subject: Reply with quote

Grand Master

Joined: 25 Jun 2008
Posts: 17447

You probably actually need to run these commands as the broker service user.
Back to top
View user's profile Send private message
EricCox
PostPosted: Wed Jan 16, 2013 10:25 am    Post subject: Request to Add to Admin Groups Reply with quote

Master

Joined: 08 Apr 2011
Posts: 292

I've requested to be added to mqm and mqbrkrs groups on this aix box.

Is that all I need?
Back to top
View user's profile Send private message
EricCox
PostPosted: Wed Jan 16, 2013 10:28 am    Post subject: Financial Institution Reply with quote

Master

Joined: 08 Apr 2011
Posts: 292

We can run user traces on WMB 6.0 on Windows as our own user.

I'm hoping I can do that the same on AIX.

Running interactive commands as the service user in a financial institution is frowned upon and I understand why.

I'm hoping I can work around that.
Back to top
View user's profile Send private message
mqjeff
PostPosted: Wed Jan 16, 2013 10:29 am    Post subject: Reply with quote

Grand Master

Joined: 25 Jun 2008
Posts: 17447

being a member of mqbrks *might* be sufficient.

But you *might* have to run these commands as the broker service user.
Back to top
View user's profile Send private message
Vitor
PostPosted: Wed Jan 16, 2013 10:33 am    Post subject: Re: Financial Institution Reply with quote

Grand High Poobah

Joined: 11 Nov 2005
Posts: 26093
Location: Texas, USA

EricCox wrote:
Running interactive commands as the service user in a financial institution is frowned upon and I understand why.


As someone with more than a little financial experience, I find it's frowned on only if used directly. Set mqbrkrs as a non-terminal user, give a controlled & audited list of people rights to sudo into it & log the sudo command. Used that all over the place. Makes auditors go "Ooo..." and clap their hands.
_________________
Honesty is the best policy.
Insanity is the best defence.
Back to top
View user's profile Send private message
EricCox
PostPosted: Wed Jan 16, 2013 10:43 am    Post subject: Broker User Reply with quote

Master

Joined: 08 Apr 2011
Posts: 292

I didn't set up the machine. I'm not sure what user is running broker. Is there a way to look?

I tried to $su mqbrkrs but it said the user doesn't exist.

Sudo'ing into a user is a good way. I like that idea.
Back to top
View user's profile Send private message
Vitor
PostPosted: Wed Jan 16, 2013 11:10 am    Post subject: Re: Broker User Reply with quote

Grand High Poobah

Joined: 11 Nov 2005
Posts: 26093
Location: Texas, USA

EricCox wrote:
I didn't set up the machine. I'm not sure what user is running broker. Is there a way to look?


ps - ef | grep bip

EricCox wrote:
I tried to $su mqbrkrs but it said the user doesn't exist.


Speak to your sys admins. They may have a method they like better.

EricCox wrote:
Sudo'ing into a user is a good way. I like that idea.


It's great. You have logs the auditors can lose days checking, you can let them have audits of who's in the sudoers list while you do real work and you can easily produce documents describing the procedure of applying for sudo access with example forms people need to fill out. In colour. Or color, depending on Atlantic orientation.

My tip: include a procedure where you go through the sudoers list once a year and make people prove they still need that high level of access. Demonstrates you're committed to keeping the access as locked down as possible. You win points.
_________________
Honesty is the best policy.
Insanity is the best defence.
Back to top
View user's profile Send private message
EricCox
PostPosted: Wed Jan 16, 2013 12:20 pm    Post subject: ps -ef Results Reply with quote

Master

Joined: 08 Apr 2011
Posts: 292

Here is what I get:
n000000@abkrrib000000000:/home/n000000$ ps -ef | grep bip
candle 7864402 13959338 0 Jan 09 - 0:42 biphttplistener BKRD711
candle 8781992 1 0 Jan 09 - 0:01 bipservice BKRD711
candle 13959338 8781992 0 Jan 09 - 2:42 bipbroker BKRD711
bkrd02 15990922 17629334 0 14:00:29 - 0:02 biphttplistener BKRD11
bkrd02 17629334 17825962 0 14:00:25 - 0:04 bipbroker BKRD11
bkrd02 17825962 1 0 14:00:25 - 0:00 bipservice BKRD11
Back to top
View user's profile Send private message
mqjeff
PostPosted: Wed Jan 16, 2013 12:22 pm    Post subject: Reply with quote

Grand Master

Joined: 25 Jun 2008
Posts: 17447

so you need to su to the candle user.
Back to top
View user's profile Send private message
EricCox
PostPosted: Wed Jan 16, 2013 12:30 pm    Post subject: Two Pairs of Eyes Reply with quote

Master

Joined: 08 Apr 2011
Posts: 292

Thanks for the second pair of eyes. That's what I'm seeing also.

UNIX is saying we don't have assignment to mqm and mqbrkrs groups. But that isn't true we do on our Dev Windows instance. We can logon as ourselves and run traces.
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic  Reply to topic Goto page 1, 2  Next Page 1 of 2

MQSeries.net Forum Index » WebSphere Message Broker (ACE) Support » Starting User Trace on AIX Throws Errors
Jump to:  



You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
Protected by Anti-Spam ACP
 
 


Theme by Dustin Baccetti
Powered by phpBB © 2001, 2002 phpBB Group

Copyright © MQSeries.net. All rights reserved.