1 mike 1.1.2.1
|
2 mike 1.1.2.4 1. The user that runs cimervermain is determined as follows.
|
3 mike 1.1.2.1
|
4 mike 1.1.2.4 (1) Look for serverUser configuration option on command line.
|
5 mike 1.1.2.1
|
6 mike 1.1.2.4 (2) Look for serverUser configuration option in planned configuration
7 file.
|
8 mike 1.1.2.3
|
9 mike 1.1.2.4 (3) Use the owner of the cimservermain program (if not root).
|
10 mike 1.1.2.1
|
11 mike 1.1.2.4 (4) Use "pegasus" (the default user).
|
12 mike 1.1.2.1
|
13 mike 1.1.2.4 2. All files but the repository are owned by root. The cimservermain
14 process may read any of the root owned files, but it must ask the
15 executor to modify the file system.
|
16 mike 1.1.2.1
|
17 mike 1.1.2.4 3. Cimservermain must own the repository and all files beneath.
18 The executor automatically sets ownership for these files upon
19 startup.
|
20 mike 1.1.2.2
|
21 mike 1.1.2.4 4. Provider agent is run as root, whenever the same user as server is
22 requested.
23
24 5. Executor checks whether Pegasus repository exists and errors out
25 if not.
|
26 mike 1.1.2.2
|
27 mike 1.1.2.4 7. Cimservermain owns the local-domain socket file (/tmp/cimxml.socket).
|
28 mike 1.1.2.3
29 8. For logging purposes, the executor uses "cimexecutor" as its syslog
30 identifier.
|
31 mike 1.1.2.5
32 9. Setting up PAM authentiction (non-standalone).
33
34 First compile with PEGASUS_PAM_AUTHENTICATION.
35
36 Next install the PAM configuration file.
37
38 % cd $PEGASUS_ROOT
39 % cp rpm/wbem /etc/pam.d
40 % chmod 0644 /etc/pam.d/wbem
41
42 10. Setting up standalone PAM authentication.
43
44 First compile with PEGASUS_USE_PAM_STANDALONE_PROC flag.
45
|