The root user can grant write permission of the appropriate files and directories to a non-root user. The non-root user can then create the profile. The root user can create a group for users who are authorized to create profiles, or the root user can give individual users the authority to create profiles. The following example task shows how to create a group that is authorized to create profiles.
This task assumes a basic familiarity with system commands.
You must have root authority to accomplish the following tasks.
The steps that you follow to grant write permission of files and directories to a non-root user for profile creation depend on whether a profile was previously created.
If at least one profile was created prior to implementing the following steps, then certain directories and files were created. Because these directories and files were created, skip the steps that create these directories and files. If no profile was previously created, then you must complete the steps to create the required directories and files. In most cases, a profile has been created previously.
The root user can perform the following steps to create the profilers group and give the group appropriate permissions to create a profile.
The root user created the profilers group and gave the group proper permissions to certain directories and files to create profiles.
These directories and files are the only ones in the installation root of the product to which a non-root user needs to write to create profiles.
The non-root user that belongs to the profilers group can create profiles in a directory that the non-root user owns and to which the non-root user has write permission. However, the non-root user cannot create profiles in the installation root directory of the product.
A non-root user ID can manage multiple profiles. The same non-root user ID can manage an entire profile, whether it is the deployment manager profile, a profile that contains the application servers and the node agent, or a custom profile. A different user ID can be used for each profile in a cell, whether global security or administrative security is enabled or disabled. The user IDs can be a mix of root and non-root user IDs. For example, the root user might manage the deployment manager profile, while a non-root user might manage a profile that contains application servers and the node agent, or vice versa. However, typically, a root user or a non-root user can manage all profiles in a cell.
The non-root user can use the same tasks to manage a profile that the root user uses.
In this information ...Related reference
| IBM Redbooks, demos, education, and more(Index) |