| Author |
Message
|
| muthum_2000 |
 Posted: Tue Oct 18, 2011 10:28 am Post subject: Unable to start MQ after UID change |
 |
|
Voyager
Joined: 10 Jul 2006
Posts: 85
|
Guys
Iam getting following error in Queuemanager errorlog;
10/18/11 13:06:09 - Process(274590.1) User(abcd) Program(amqzxma0_nd)
Host(xxxxxx)
AMQ5008: An essential WebSphere MQ process 852114 (amqzfuma) cannot be found
and is assumed to be terminated.
EXPLANATION:
1) A user has inadvertently terminated the process. 2) The system is low on
resources. Some operating systems terminate processes to free resources. If
your system is low on resources, it is possible it has terminated the process
so that a new process can be created.
ACTION:
WebSphere MQ will stop all MQ processes. Inform your systems administrator.
When the problem is rectified WebSphere MQ can be restarted.
-------------------------------------------------------------------------
Actually the Unix admin has changed the UID of the user and problem started after that.
I tried giving permissions to user again using setmqaut(both at qmgr as well as queue level), refreshed security.
Then tried to start Qmgr using userid, but the qmgr ends preemptively first and later on displays the status 'Ended unexpectedly'.
FYI, userid is part of mqm group. User was already performing MQ start/stop activities without any issues and the real issue started after the UID of the user was changed.
Any suggestions/advice pls. |
|
| Back to top |
|
 |
| mvic |
| Posted: Tue Oct 18, 2011 10:49 am Post subject: Re: Unable to start MQ after UID change |
|
|
Jedi
Joined: 09 Mar 2004
Posts: 2080
|
| muthum_2000 wrote: |
| Any suggestions/advice pls. |
Uninstall and reinstall MQ. |
|
| Back to top |
|
|
| muthum_2000 |
| Posted: Tue Oct 18, 2011 10:54 am Post subject: |
|
|
Voyager
Joined: 10 Jul 2006
Posts: 85
|
I do not think that uninstall and reinstall is necessary here because iam able to start MQ Managers as 'mqm' id as well as using my userid(which is also a part of mqm group similar to user)
There should be something at Unix level or at MQ level needs to be changed for this issue.
Please let me know if anyone get any idea regarding this issue. |
|
| Back to top |
|
|
| ramires |
| Posted: Tue Oct 18, 2011 10:57 am Post subject: |
|
|
Knight
Joined: 24 Jun 2001
Posts: 523
Location: Portugal - Lisboa
|
A FDC file created? Maybe its not related to the UID change. Ther are several hits if you search for AMQ5008
Regards |
|
| Back to top |
|
|
| mqjeff |
| Posted: Tue Oct 18, 2011 10:58 am Post subject: |
|
|
Grand Master
Joined: 25 Jun 2008
Posts: 17447
|
You should never use anything other than the mqm id to issue strmqm.
Ever.
If you need to issue it from another user, that user should instead use sudo to issue it as the mqm user. |
|
| Back to top |
|
|
| mvic |
| Posted: Tue Oct 18, 2011 11:05 am Post subject: |
|
|
Jedi
Joined: 09 Mar 2004
Posts: 2080
|
| mqjeff wrote: |
You should never use anything other than the mqm id to issue strmqm.
Ever.
If you need to issue it from another user, that user should instead use sudo to issue it as the mqm user. |
This is not advised in the MQ manuals. You should be able to use any user in the mqm group. |
|
| Back to top |
|
|
| Vitor |
| Posted: Tue Oct 18, 2011 11:08 am Post subject: |
|
|
Grand High Poobah
Joined: 11 Nov 2005
Posts: 26093
Location: Texas, USA
|
| muthum_2000 wrote: |
| I do not think that uninstall and reinstall is necessary here because iam able to start MQ Managers as 'mqm' id as well as using my userid(which is also a part of mqm group similar to user) |
This means something dubious has been done to your install to get that to work.
| muthum_2000 wrote: |
| There should be something at Unix level or at MQ level needs to be changed for this issue. |
There should be, but I'd not be surprised to discover there isn't. Ask your sys admin how he got this working last time, & get him to do it again. Then ask why he changed the UID.
| muthum_2000 wrote: |
| Please let me know if anyone get any idea regarding this issue. |
Reinstall the software and only ever use mqm to start or stop queue managers (i.e. use the software as it's designed to be used).
_________________
Honesty is the best policy.
Insanity is the best defence. |
|
| Back to top |
|
|
| mvic |
| Posted: Tue Oct 18, 2011 11:11 am Post subject: |
|
|
Jedi
Joined: 09 Mar 2004
Posts: 2080
|
| muthum_2000 wrote: |
| I do not think that uninstall and reinstall is necessary here because iam able to start MQ Managers as 'mqm' id as well as using my userid(which is also a part of mqm group similar to user) |
If all you say is correct, then it should not matter that the admin changed the UID of one of your mqm-group users. I wonder what else changed.
Check the permissions under /opt/mqm/bin and /var/mqm/qmgrs are the same as a known-good installation. If programs have had their setuid/setgid bits removed by an admin, then MQ will no longer work. But maybe this is not what is wrong in your case; I am only guessing. |
|
| Back to top |
|
|
| Vitor |
| Posted: Tue Oct 18, 2011 11:11 am Post subject: |
|
|
Grand High Poobah
Joined: 11 Nov 2005
Posts: 26093
Location: Texas, USA
|
| mvic wrote: |
| mqjeff wrote: |
You should never use anything other than the mqm id to issue strmqm.
Ever.
If you need to issue it from another user, that user should instead use sudo to issue it as the mqm user. |
This is not advised in the MQ manuals. You should be able to use any user in the mqm group. |
I thought it was a best practice somewhere, because it prevents problems with the file system?
I've never run the software as anything other than mqm on Unix (whatever that proves).
Certainly whatever user you end up running it as should be non-terminal & have to be sudo'd into. Keeps the auditors quiet.
_________________
Honesty is the best policy.
Insanity is the best defence. |
|
| Back to top |
|
|
| Vitor |
| Posted: Tue Oct 18, 2011 11:13 am Post subject: |
|
|
Grand High Poobah
Joined: 11 Nov 2005
Posts: 26093
Location: Texas, USA
|
| mvic wrote: |
| If programs have had their setuid/setgid bits removed by an admin, then MQ will no longer work. |
Yes, that. Use mqm to prevent that (because other user ids often don't have that).
_________________
Honesty is the best policy.
Insanity is the best defence. |
|
| Back to top |
|
|
| mvic |
| Posted: Tue Oct 18, 2011 11:13 am Post subject: |
|
|
Jedi
Joined: 09 Mar 2004
Posts: 2080
|
| Vitor wrote: |
| Reinstall the software and only ever use mqm to start or stop queue managers (i.e. use the software as it's designed to be used). |
Any user in the mqm group can be used to administer MQ. |
|
| Back to top |
|
|
| mqjeff |
| Posted: Tue Oct 18, 2011 11:16 am Post subject: |
|
|
Grand Master
Joined: 25 Jun 2008
Posts: 17447
|
| mvic wrote: |
| Vitor wrote: |
| Reinstall the software and only ever use mqm to start or stop queue managers (i.e. use the software as it's designed to be used). |
Any user in the mqm group can be used to administer MQ. |
the only user in the mqm group should be the mqm user. |
|
| Back to top |
|
|
| muthum_2000 |
| Posted: Tue Oct 18, 2011 11:27 am Post subject: |
|
|
Voyager
Joined: 10 Jul 2006
Posts: 85
|
Guys,
Thanks a lot for all your valued responses...
Issue Fixed now...
It is a Unix Level Issue as i guessed...
User's UID was changed...but unix admin made changes only in local server and did not add the same entry in NIS. Authentication happens from NIS and since this entry was missing...unable to start MQ.
Now after the updation in NIS server, User is able to Start MQ without any issues.
Once again thanks a lot for all your suggestions. |
|
| Back to top |
|
|
| mvic |
| Posted: Tue Oct 18, 2011 11:29 am Post subject: |
|
|
Jedi
Joined: 09 Mar 2004
Posts: 2080
|
| muthum_2000 wrote: |
| Issue Fixed now... |
Thank you for updating the thread. Glad you got it fixed!  |
|
| Back to top |
|
|
|
|
