ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Autosys EEM (igatewayd) file system rights


Article ID: 226007


Updated On:


CA Workload Automation AE - Scheduler (AutoSys)


The entire Autosys installation is located on directory /opt/rs /.

In addition to get higher level of security on the file systems, they changed the file system rights on /opt/rs 

     drwxrwxr-x  19 <autosys_admin_user> rsall  4096 Oct  4 09:54 rs
     drwxr-x---  19 <standard_admin_user> rsall  4096 Oct  4 09:54 rs

This change is exclusive on directory /opt/rs , all subordinate directories retain their previous rights.
The user dsa of the CA Directory Services and the <autosys_admin_user> are members of the rsall group.

But now the igateway.log contains the following entry:

[22972439251840] 10/06/21 05:53:53 FATAL :: ServerConfigBuilder::handlerError : Fatal error at file : , line : 0, char : 0, message : unable to open primary document entity '/opt/rs/ccp/iTechnology/igateway.conf' 
[22972439251840] 10/06/21 05:53:53 FATAL :: ServerConfigBuilder::buildServerConfig : There where errors when parsing server conf file 
[22972439251840] 10/06/21 05:53:53 FATAL :: ITECH_MAIN: Unable to build the server configuration

The service starts but the EEM environment is not available.

Since the service is executed with root, the question is why the access to the igateway.conf file is not possible.
As soon as the rights are changed to the previous status, the service will work normally again.

The igateway data are installed on /opt/rs/ccp/iTechnology and the service is executed as root via the standard start script /etc/init.d/igatewayd.



Release : 12




SELINUX was actually still active on the test system. 

The automatic installation has changed the access rights under/opt/rs/ccp/ so that parts of the files no longer belonged to the root user. 

After the rights have been set and SELINUX has been deactivated, the igateway daemon works with the enhanced security.