Table of Contents

Search

  1. Preface
  2. Analyst Service
  3. Catalog Service
  4. Content Management Service
  5. Data Integration Service
  6. Data Integration Service Architecture
  7. Data Integration Service Management
  8. Data Integration Service Grid
  9. Data Integration Service REST API
  10. Data Integration Service Applications
  11. Data Privacy Management Service
  12. Enterprise Data Preparation Service
  13. Interactive Data Preparation Service
  14. Informatica Cluster Service
  15. Mass Ingestion Service
  16. Metadata Access Service
  17. Metadata Manager Service
  18. Model Repository Service
  19. PowerCenter Integration Service
  20. PowerCenter Integration Service Architecture
  21. High Availability for the PowerCenter Integration Service
  22. PowerCenter Repository Service
  23. PowerCenter Repository Management
  24. PowerExchange Listener Service
  25. PowerExchange Logger Service
  26. SAP BW Service
  27. Search Service
  28. System Services
  29. Test Data Manager Service
  30. Test Data Warehouse Service
  31. Web Services Hub
  32. Application Service Upgrade
  33. Appendix A: Application Service Databases
  34. Appendix B: Connecting to Databases from Windows
  35. Appendix C: Connecting to Databases from UNIX or Linux
  36. Appendix D: Updating the DynamicSections Parameter of a DB2 Database

Configuring System Permissions for the Operating System Profile User

Configuring System Permissions for the Operating System Profile User

Configure system permissions on the files and directories that operating system profile users must access at design time.
  1. Make sure that the operating system user that starts the Informatica services has sudo permission.
  2. On Linux, verify that setuid is enabled on the file system that contains the Informatica installation.
    If necessary, remount the file system with setuid enabled.
  3. Make sure that all the library files in the following directory have at least 755 permissions:
    <Informatica installation directory>/services/shared/bin
  4. Make sure that the operating system profile users have 777 permissions on the $DISTempDir directory and at least 750 permissions on the $DISLogDir directory.
  5. Make sure that the operating system profile users have at least 755 permissions to the directory where the pmsuid file is located and all its parent directories.
    The pmsuid file is located in the following directory:
    <Informatica installation directory>/services/shared/bin
  6. Set the owner and group of
    pmsuid
    to root and set the permissions. Perform the following steps on each node where the Metadata Access Service runs:
    1. At the command prompt, switch to the following directory:
      <Informatica installation directory>/services/shared/bin
    2. Enter the following information at the command line to log in as root:
      su root
    3. Enter the following command to create a group for the administrator user:
      sudo groupadd <group name>
    4. Enter the following command to add the administrator user to the group:
      sudo usermod -G <group name> <Informatica administrator user>
      The administrator user is the Linux user whose permissions are used for all Informatica services.
    5. Enter the following command to change the owner and group of pmsuid to root and the group that you created:
      chown root:<group name> pmsuid
    6. Set the following permissions:
      chmod 6710 pmsuid
    7. Verify that the permissions for the pmsuid file appear as follows:
      rws--s---
  7. Set the umask value of the directories that the operating system profile accesses to 0027 or 0077 for better security.
    When you create these directories on Linux, the default umask value is set to 0222.