When running CA Access Gateway (SPS) installer as silent with smuser account, the installer makes:

• All files to have execution rights;
• All files to belong to smuser;
• User smuser has rights to modify files.

To have the owner of the files being other than smuser, another account than smuser should be used to run the installer.

Smuser won't have permission to set other user as the owner if it's not set at the OS level to have permission to do that.

Usually, root or equivalent user can do this.

So to "have those files owns by root and read access for the smuser.", install the product as root, not as smuser which probably hasn't the root permission.

To get the files set with the group and everybody to read only, please open an Enhancement Request (Idea) (1).

1. Creating an Idea/Enhancement Request for SiteMinder