search cancel

Service Manager listener process doesnt bind to the user "nobody" on AIX

book

Article ID: 252913

calendar_today

Updated On:

Products

CA Automic Workload Automation - Automation Engine

Issue/Introduction

Service Manager Listener process is unable to bind to the user "nobody" on AIX
Expected Behavior: It should be able to bind to the user "nobody" as long as the listenerUID= and listenerGID= is configured in the servicemanager ini and started as root.

Environment

Release: 12.3.x

             : 21.0.x

Component: Automation Engine

Sub-Component: Service Manager

Cause

In older UNIX/Linux systems user and group ids (uids and gids) were only 16bit values - i.e., the maximum uid/gid was 65535 .

System word lengths got longer and at some point several UNIX systems or GNU/Linux used higher values for uids and gids.

Generally, the higher the uid the lower the privileges on the system, Hence the user nobody often has the UID_MAX -1 as uid.

AIX 7.1 uses the UID 4294967294 for nobody (with 32 bit UID_MAX = 4294967295),therefore Service manager cannot currently handle this. The maximum value which can be handled as of now is 2147483646.

Resolution

Workaround:

Create a system user for Automic and then bind that user to the service manager listener process.

Note: Do not use UIDs or GIDs larger than 2147483646.

Solution:

This is identified as a bug and will be fixed in a future release.

Additional Information

Recommendation:

Do not use user nobody for many different daemons - because different daemons owned by the same user (nobody) can send signals to each other and read/modify each other's memory. Instead create separate accounts for different daemons.

Wiki_nobody_username