On Tuesday, November 12, as part of a company wide initiative to bring all corporate websites under the OpenText brand, the Community will be down briefly around 11am Eastern / 8am Pacific as we transition to a new domain name.  The community will be offline while we make the change and when it comes back online it will be located at community.opentext.com and the old domain will redirect to this new location.  Thank you for your patience as we make this important change.

Wikis - Page

Start Agent Automatically Under A Dedicated Account

0 Likes
Not everyone can be root!

One of the first questions I get from customers about installing the Serena Deployment Automation (SDA) Agent on a Linux (or Unix) machine is… can I run the agent under a dedicated account (i.e. anyone but root)? And do you provide an init file?
The answer is…YES. Yes you can. Yes we do.
In fact, Serena recommends that you create a user account dedicated to run the agent on the machine. This allows you to control who can run what and allows you stay within the IT policy and procedures.
To configure the agent to run under a dedicated account is simple.
  1. Create your dedicated agent account if you have not done so already.
  2. Update the agent init file with the account information.
  3. Update your runlevels.

"Sandwich" by xkcd is licensed under CC BY 2.5

 

Note:
  • Depending on the permissions you give this dedicated account and your policies, you may also need to update the sudoers file so that it can deploy updates, start and stop services on your machine. For example, if your agent needs to start and stop JBOSS, then the dedicated account will either need permissions to do so or you will need to use impersonation on your components for these steps in your deploy process.
  • If you installed the agent as root and if your AGENT_HOME is owed by root, change owner and group to the dedicated account.

We’ll skip the ‘how to’ on creating the account, changing owner, group, etc. If you are reading this, most likely you can teach me a thing or two about Linux. If you’re just discovering the wonderful world of Linux, shoot me an email. We can run through this together.

SDA Agent INIT File

The agent installer provides a script file that can be copied to your init directory. However, you will need to modify it first.
  1. Go to the /core/bin/init directory.
  2. Modify the sraagent file by setting the AGENT_USER and AGENT_GROUP variables to the dedicated account. By default they are blank which will use root.
  3. Save the file.
  4. Using your runlevel configuration tool, update when the agent service is started on boot and reboots.

 

That’s it. You now have an SDA agent running under an account that IT is happy with. Now if world hunger was this easy to solve, we would all be heroes.

Do you have quick tip to share on your experience? Please share in the comments below so we can all learn more.

PS. If you know who the originator is for the ‘make me a sandwich’ illustration, let me know. I love it!

PSS. Thanks to Jessica, I now know who to give credit to!

Tags:

Labels:

How To-Best Practice
Comment List
Related
Recommended