We’ve had a lot of questions about allowing the root user to execute jobs on Unix, so I thought it would be good to put this together so that we have some basic information available for all customers. There are a few things that need to be done in preparation, mainly the items contained within our documentation (referenced below):
- For actual operation, the program ucxj??? can be given the permissions of a privileged user such as root.
- Change owner to root
chown root ucxj???
- Set S-Bit (Set-Userid)
chmod 4755 ucxj???
Once this has been set, the only restriction in place is contained within the Agent’s .ini file, with an example of the pertinent section contained below:
; - access for root user requires:
This is commented out by default, and should only be enabled with strict control and access to the login objects. After this has been configured appropriately, you will need to put the root user/password into a Login object and utilize that for your jobs.
There may be unforeseen issues with individual environments, but in most cases these are the modifications necessary to restrict/allow access such as this.