| |
|
RSS Feed - WebSphere MQ Support
|
RSS Feed - Message Broker Support
|
  |
|
| UNIX authorization to a specific queue for all users |
« View previous topic :: View next topic » |
| Author |
Message
|
| poulter90 |
 Posted: Tue May 06, 2008 1:33 am Post subject: UNIX authorization to a specific queue for all users |
 |
|
Apprentice
Joined: 31 Dec 2007
Posts: 36
|
Hi ,
I know that authorization in UNIX is at group level , but I have many groups including hundreds of users , so I am trying to find the appropriate command like SETMQAUT which could grant the whole lot of groups
to a specific xmit queue
Is there a possibility to issue a command like :
SETMQAUT -m QManager -n QueueName + allmqi
Here I do not specify any principal or group and the queue should be accessed by everyone .
Thanks for help |
|
| Back to top |
|
 |
| Vitor |
| Posted: Tue May 06, 2008 1:36 am Post subject: Re: UNIX authorization to a specific queue for all users |
|
|
Grand High Poobah
Joined: 11 Nov 2005
Posts: 26093
Location: Texas, USA
|
| poulter90 wrote: |
I am trying to find the appropriate command like SETMQAUT which could grant the whole lot of groups
to a specific xmit queue |
Pedantically I point out no group of users should be directly interacting with an xmitq.
AFAIK this kind of block authorisation is impossible. With a little script & some ingenuity you should be able to read /etc/groups and issue setmqaut for each of them.
Unless someone knows better than me. It's possible, and has happened in the past.
_________________
Honesty is the best policy.
Insanity is the best defence. |
|
| Back to top |
|
|
| poulter90 |
| Posted: Tue May 06, 2008 1:47 am Post subject: |
|
|
Apprentice
Joined: 31 Dec 2007
Posts: 36
|
Thanks Vitor ,
here is a little script to list users for the group you have choosen
#!/usr/bin/ksh
print " ";
print "List of principals from a choosen group ";
print " " ; print " " ;
PS3=" Which group number are you selecting ? "
select groupe in $(ypcat group)
do
# test if valid group
if [ -n "$groupe" ]
then
clear ;
print " You have choosen " $groupe ;print"";
break ;
else
print " Your choice is wrong , Please select another one " ;
fi
done
print $groupe > titi
awk -F ':' '{ print $3 }' < titi > toto
awk -F ':' '{ print $1 }' < titi > tata
num=$(cat toto)
grp=$(cat tata)
print " Here is the list of principals for Group : " $grp;
print "";
ypcat passwd | awk -F ':' '$4=='$num' { print $1 } '
print "";print"";print""; rm titi toto tata
Regards ... |
|
| Back to top |
|
|
| mvic |
| Posted: Tue May 06, 2008 3:15 am Post subject: Re: UNIX authorization to a specific queue for all users |
|
|
Jedi
Joined: 09 Mar 2004
Posts: 2080
|
setmqaut is the right command, and here is its documentation: http://publib.boulder.ibm.com/infocenter/wmqv6/v6r0/topic/com.ibm.mq.amqzag.doc/fa15980_.htm My interpretation of that page is that you would need to issue one setmqaut command per group you want to add. But I see you're a shell programmer so this is not a big task.
| Code: |
# Pseudocode
For each Group in (list of groups)
Run "setmqaut ... -g Group ..." |
As a matter of good practice, capture the output from a program like this and review for errors / keep it for your records. And of course keep the program to document the setup for your qmgr.
Hope this helps |
|
| Back to top |
|
|
|
|
|
| |
|
Page 1 of 1 |
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
|
|
