6.2.2 Service linkage objects monitoring job execution environment and permissions
This subsection describes the execution environment, such as the process structure, and access permissions to resources when service linkage objects monitoring jobs are executed.
- Organization of this subsection
-
-
(1) Process structure of service linkage objects monitoring jobs
-
(2) Execution permissions of service linkage objects monitoring jobs
-
(3) Environment variables when information acquisition commands are executed
-
(4) Where the current directory is when information acquisition commands are executed
-
(5) When and what information do service linkage objects monitoring jobs read
-
(1) Process structure of service linkage objects monitoring jobs
A service linkage objects monitoring daemon must be started on the monitoring job execution host to use service linkage objects monitoring jobs.
The following figure and table show the OS user who executes service linkage objects monitoring jobs and information acquisition commands, and the process structure.
|
|
![[Figure]](./GRAPHICS/ZU060210.GIF)
|
Process name (number of processes) |
Description |
||||
|---|---|---|---|---|---|
|
jajs_spmd (1) |
JP1/AJS3 service |
||||
|
jpoagent (1) |
Event/action control agent process |
||||
|
jpoagtsub (1) |
Event/action control subagent process |
||||
|
ajscsaobjmond (1) |
Service linkage objects monitoring daemon. It is a resident process that controls execution of monitoring processing of service linkage objects monitoring jobs. |
||||
|
Information acquisition command (1 or more) |
Is started when monitoring processing is executed (at monitoring intervals). When multiple jobs are executed concurrently, the number of processes increase based on the number of concurrently executed jobs. |
||||
The service linkage objects monitoring daemon above is a process that is started when you start the JP1/AJS3 service with the CloudObjectMon environment setting parameter specified. For the function to start the JP1/AJS3 service, see the JP1/AJS3 manual.
(2) Execution permissions of service linkage objects monitoring jobs
As described in (1), a service linkage objects monitoring job is started by the service linkage objects monitoring daemon. Therefore, files such as log files and connection configuration files are operated with the permissions of the user who started the JP1/AJS3 service.
Furthermore, the following is executed based on the JP1 user defined by the Executed by value specified for the custom event job:
-
Information acquisition command by a mapped OS user
-
Communication with the JP1/AJS3 for Cloud Service Applications server
With the permissions for operation previously mentioned in mind, consider the appropriate user who starts the JP1/AJS3 service, JP1 user, and mapped OS user.
(3) Environment variables when information acquisition commands are executed
Environment variables are set by service linkage objects monitoring jobs when commands are executed. These variables take effect in the following order of priority (with the highest priority of 1).
-
In Windows
-
Environment variables specified separately by a command
-
Environment variables specified as global
-
Environment variables for the job execution user
-
Environment variables specified when the service is started
-
-
In Linux
-
Definitions in the local login script
-
Definitions in the system login script
-
Environment variables set separately by a job#
-
Environment variables specified separately by a command
-
Environment variables specified as global
-
Environment variables specified when the service linkage object monitoring daemon is started
- #
-
The following table lists the environment variables to be set.
Table 6‒3: Environment variables set separately by a job No.
Environment variable name
Value to be set
1
HOME
Login directory defined in the password file of the command execution user
2
SHELL
Login shell defined in the password file of the command execution user
-
(4) Where the current directory is when information acquisition commands are executed
The current directory when a command is executed is the service linkage objects monitoring job temporary file folder (directory). For the exact path, see A. Files and Directories.
All the files under the service linkage objects monitoring job temporary file folder (directory) are deleted when the service linkage objects monitoring daemon is started. Avoid an operation in which command execution results in saving any files in the current directory.
(5) When and what information do service linkage objects monitoring jobs read
A service linkage objects monitoring job reads the following information using the permissions in (2):
-
Connection configuration file used to access JP1/AJS3 for Cloud Service Applications
-
Definition information below, defined in the JP1/AJS3 for Cloud Service Applications server:
-
Connection definition information
-
Authentication definition information
-
Service linkage objects monitoring definition information
-
The above information, except for the authentication definition information, is read by the service linkage objects monitoring job when started. The authentication definition information is read both when the job is started and at monitoring intervals.
As mentioned above, you do not have to stop the job when you want to update the authentication information. You will have access to the cloud service by updating it while the job is running.