Table of Contents

Search

  1. Preface
  2. Analyst Service
  3. Catalog Service
  4. Content Management Service
  5. Data Integration Service
  6. Data Integration Service Architecture
  7. Data Integration Service Management
  8. Data Integration Service Grid
  9. Data Integration Service REST API
  10. Data Integration Service Applications
  11. Enterprise Data Preparation Service
  12. Interactive Data Preparation Service
  13. Informatica Cluster Service
  14. Mass Ingestion Service
  15. Metadata Access Service
  16. Metadata Manager Service
  17. Model Repository Service
  18. PowerCenter Integration Service
  19. PowerCenter Integration Service Architecture
  20. High Availability for the PowerCenter Integration Service
  21. PowerCenter Repository Service
  22. PowerCenter Repository Management
  23. PowerExchange Listener Service
  24. PowerExchange Logger Service
  25. SAP BW Service
  26. Search Service
  27. System Services
  28. Test Data Manager Service
  29. Test Data Warehouse Service
  30. Web Services Hub
  31. Application Service Upgrade
  32. Appendix A: Application Service Databases
  33. Appendix B: Connecting to Databases from Windows
  34. Appendix C: Connecting to Databases from UNIX or Linux
  35. Appendix D: Updating the DynamicSections Parameter of a DB2 Database

Application Service Guide

Application Service Guide

Configuring System Permissions for the Operating System Profile User

Configuring System Permissions for the Operating System Profile User

Configure system permissions on the files and directories that operating system profile users must access at design time.
  1. Make sure that the operating system user that starts the Informatica services has sudo permission.
  2. On Linux, verify that setuid is enabled on the file system that contains the Informatica installation.
    If necessary, remount the file system with setuid enabled.
  3. Make sure that all the library files in the following directory have at least 755 permissions:
    <Informatica installation directory>/services/shared/bin
  4. Make sure that the operating system profile users have 777 permissions on the $DISTempDir directory and at least 750 permissions on the $DISLogDir directory.
  5. Make sure that the operating system profile users have at least 755 permissions to the directory where the pmsuid file is located and all its parent directories.
    The pmsuid file is located in the following directory:
    <Informatica installation directory>/services/shared/bin
  6. Set the owner and group of
    pmsuid
    to root and set the permissions. Perform the following steps on each node where the Metadata Access Service runs:
    1. At the command prompt, switch to the following directory:
      <Informatica installation directory>/services/shared/bin
    2. Enter the following information at the command line to log in as root:
      su root
    3. Enter the following command to create a group for the administrator user:
      sudo groupadd <group name>
    4. Enter the following command to add the administrator user to the group:
      sudo usermod -G <group name> <Informatica administrator user>
      The administrator user is the Linux user whose permissions are used for all Informatica services.
    5. Enter the following command to change the owner and group of pmsuid to root and the group that you created:
      chown root:<group name> pmsuid
    6. Set the following permissions:
      chmod 6710 pmsuid
    7. Verify that the permissions for the pmsuid file appear as follows:
      rws--s---
  7. Set the umask value of the directories that the operating system profile accesses to 0027 or 0077 for better security.
    When you create these directories on Linux, the default umask value is set to 0222.

0 COMMENTS

We’d like to hear from you!