When the WA System Agent is started, it is creating the /tmp/.com_ibm_tools_attach directory that contains world-writeable files. Is there a way to configure the agent to set the default permissions on these files without world-write?

Release : 12

Component : CA Workload Automation Agent (AutoSys)

Go to the agent install directory and edit the cybAgent script. Add these lines somewhere above where it cd's to the agent directory and runs an exec on cybAgent.bin...

IBM_JAVA_OPTIONS=-Dcom.ibm.tools.attach.enable=no
export IBM_JAVA_OPTIONS

You can then stop the agent, delete the /tmp/.com_ibm_tools_attach directory, and then restart the agent. The directory will not return after you restart the agent.

This disables the Java Attach API that is enabled by default in the JRE and is what is responsible for creating that directory. However, it is not needed by the agent so it is safe to disable.