Hitachi

JP1 Version 12 JP1/Automatic Job Management System 3 Configuration Guide


15.2.18 Enabling the file access permission check for the ACL and secondary group settings during job execution

This subsection describes how to enable the file access permission check not only for file permissions during job execution, but also for the ACL and secondary group settings.

The procedure in this subsection must be performed for each agent host. The file access permission check is effective only for Unix jobs and the HTTP connection jobs executed on Linux hosts.

Note that the procedure in this subsection is not necessary when you use the queueless job execution functionality. During the execution of queueless jobs, both file permissions and the ACL and secondary group settings are subject to the file access permission check conducted.

Cautionary note:

You cannot enable this function if the JP1/AJS2 - Agent (or JP1/AJS2 - Manager) 08-10 or an earlier version is installed on the agent host.

Organization of this subsection

(1) Definition procedure

  1. Stop the JP1/AJS3 service.

    Execute the following commands to confirm that all processes have stopped:

    # /etc/opt/jp1ajs2/jajs_stop#1
    # /opt/jp1ajs2/bin/jajs_spmd_status
    #1:

    Confirm that automatic termination has been set.

  2. Execute the following command to set the environment setting parameter described in (2) below:

    jajs_config -k "definition-key" "parameter-name"=value
  3. Restart JP1/AJS3.

    The new settings are applied.

(2) Environment setting parameter

Table 15‒37: Environment setting parameter used to change the settings for checking file access permissions during job execution

Definition key

Environment setting parameter

Explanation

[{JP1_DEFAULT|logical-host}\JP1NBQAGENT\Job]#

"FileAccessPermissionMode"=

This parameter specifies the method of checking file access permissions during the execution of Unix jobs and the execution of HTTP connection jobs on Linux hosts.

#:

The specification of the {JP1_DEFAULT|logical-host} part depends on whether the host is a physical host or a logical host. For a physical host, specify JP1_DEFAULT. For a logical host, specify the logical host name.

For details about the definition of this environment setting parameter, see 20.5.2(64) FileAccessPermissionMode.