| Author |
Message
|
| abhyyy |
 Posted: Tue Dec 27, 2011 8:17 pm Post subject: Conflict between User: mqm and Root on Linux wmb server |
 |
|
Voyager
Joined: 29 Sep 2011
Posts: 83
|
Hi Friends,
I have installed message broker, MQ on server wmb1 and DB2 Database on DM1.
Scenario : I am trying to read a file camp0007 from /home/mqm/ and put record into the remote database.
Problem:
If I start the QM and Broker as User : Root ,
It reads the file properly but fails to connect to database as duuring the catalogging for remote DB2 and setting DB params for Broker I used mqm as User, Moreover rights to access remote DB2 is given to mqm only. So this seems fine.
If I start the QM and Broker as User : mqm ,
It picks the file and throws it into transitin folder and it remains there , even if I'm doing this in debug mode my flow doesnt even reach on first breakpoint. If I put the record directly inkto the queue, Remote DB2 gets updated properly.
So as Root, I cant access remote DB2 but read the input file AND
as mqm , I cant read the file but update the remote DB2.
_________________
----------------------
NeVeR StOp LeaRnInG. |
|
| Back to top |
|
 |
| abhyyy |
| Posted: Tue Dec 27, 2011 8:18 pm Post subject: |
|
|
Voyager
Joined: 29 Sep 2011
Posts: 83
|
I have changed the rightts for transitin folder and given read,write,execute access to all. but same result
_________________
----------------------
NeVeR StOp LeaRnInG. |
|
| Back to top |
|
|
| smdavies99 |
| Posted: Tue Dec 27, 2011 11:18 pm Post subject: |
|
|
Jedi Council
Joined: 10 Feb 2003
Posts: 6076
Location: Somewhere over the Rainbow this side of Never-never land.
|
Do not use 'mqm' as a user to run broker.
If you read the installation guide in the infocentre you will see that it tells you to create a separate user to run broker under.
This user should have 'mqbrkrs' as its primary group and be a member of 'mqm'.
Then change your fileinput directory to be a place where BOTH the app that creates the file and broker can read it.
Set the directory ownership to that of the broker user.
Then create a new group. Add the broker user to the group. Add the app that is going to write the the data to the group.
Set the group ownership of the directory to that group.
Test writitng a file from the app owner. Then test reading it as the broker user. Then test moving it as the broker user. You may have to adjust the permissions (rwx) on the directory.
Experiment. Document. If it does not work try something else. A little patience is needed here.
This is all Linux Sysadmin SOP. A little test like this used to be in the RHCE exam (I've not seen it for about 5 years).
Broker will have full rights to read the file. Then setup broker to access your ODBC data source.
Never run Broker as ROOT
Never run Broker under the MQM user.
_________________
WMQ User since 1999
MQSI/WBI/WMB/'Thingy' User since 2002
Linux user since 1995
Every time you reinvent the wheel the more square it gets (anon). If in doubt think and investigate before you ask silly questions. |
|
| Back to top |
|
|
| fjb_saper |
| Posted: Wed Dec 28, 2011 5:21 am Post subject: |
|
|
Grand High Poobah
Joined: 18 Nov 2003
Posts: 20756
Location: LI,NY
|
And please take note of the excellent methodology suggested by smdavies99 to resolve the issue.
Have fun 
_________________
MQ & Broker admin |
|
| Back to top |
|
|
| lancelotlinc |
| Posted: Wed Dec 28, 2011 5:47 am Post subject: |
|
|
Jedi Knight
Joined: 22 Mar 2010
Posts: 4941
Location: Bloomington, IL USA
|
| smdavies99 wrote: |
Do not use 'mqm' as a user to run broker.
If you read the installation guide in the infocentre you will see that it tells you to create a separate user to run broker under.
This user should have 'mqbrkrs' as its primary group and be a member of 'mqm'.
...
Never run Broker as ROOT
Never run Broker under the MQM user. |
Here's a link to the installation guide. Pay attention to chapter 6. Follow the steps there IN ORDER, without skipping.
ftp://public.dhe.ibm.com/software/integration/wbibrokers/docs/V7.0/messagebroker_InstallationGuide.pdf
If you did the steps out of order, go back and re-do them. Yes, it matters. No, you can't just unpack some files and expect it to run correctly.
_________________
http://leanpub.com/IIB_Tips_and_Tricks
Save $20: Coupon Code: MQSERIES_READER |
|
| Back to top |
|
|
| abhyyy |
| Posted: Sat Dec 31, 2011 12:04 am Post subject: |
|
|
Voyager
Joined: 29 Sep 2011
Posts: 83
|
Thanks smdavies99 and everybody, Sorry for late reply.
I went through the installation guide and the point u mentioned, I adimit doing this blunder.
But I have already installed everything using user ID: ROOT. And have done the DB2 configuration as mqm. i cannot re-do the installation at this point of project using a New user ID as mention.
What if I start the Broker and QM as ROOT and also change the configuration for Remote DB2 (ODBC file,DBeparams and catalogging) and use ROOT instead of mqm(which i used earlier), I know that you said that it is not recommended, But should it solve the problem??
_________________
----------------------
NeVeR StOp LeaRnInG. |
|
| Back to top |
|
|
| smdavies99 |
| Posted: Sat Dec 31, 2011 12:33 am Post subject: |
|
|
Jedi Council
Joined: 10 Feb 2003
Posts: 6076
Location: Somewhere over the Rainbow this side of Never-never land.
|
You must do the installation as 'root'. Once that is done, leave the root user alone.
The next important step is the user you supply to the mqsicreatebroker command.
This is the user where the 'mqsistop' & 'mqsistart' command must always be run from.
Once the broker is running under that user and you can connect to it from a toolkit, then and only then do you start configuring the ODBC connections via mqsisetdbparms.
Do not run WMQ or BROKER with 'root' as the user.
_________________
WMQ User since 1999
MQSI/WBI/WMB/'Thingy' User since 2002
Linux user since 1995
Every time you reinvent the wheel the more square it gets (anon). If in doubt think and investigate before you ask silly questions. |
|
| Back to top |
|
|
| lancelotlinc |
| Posted: Sat Dec 31, 2011 5:49 am Post subject: |
|
|
Jedi Knight
Joined: 22 Mar 2010
Posts: 4941
Location: Bloomington, IL USA
|
| smdavies99 wrote: |
You must do the installation as 'root'. Once that is done, leave the root user alone.
The next important step is the user you supply to the mqsicreatebroker command.
This is the user where the 'mqsistop' & 'mqsistart' command must always be run from.
Once the broker is running under that user and you can connect to it from a toolkit, then and only then do you start configuring the ODBC connections via mqsisetdbparms.
Do not run WMQ or BROKER with 'root' as the user.
|
Of course, if the OP even read the installation guide, she would already know this fact. I suppose reading is not a required part of her job.
_________________
http://leanpub.com/IIB_Tips_and_Tricks
Save $20: Coupon Code: MQSERIES_READER |
|
| Back to top |
|
|
|
|
