Java unix agent job cancel does not kill subprocesses without privilege separation


Article ID: 428380


Updated On:

Products

CA Automic Workload Automation - Automation Engine CA Automic One Automation Automic SaaS

Issue/Introduction

The Java Unix agent 24.x does not cancel a job's subprocesses when the agent is started with no privilege separation (started as root and no user_service_pkg started as root).


When a job on agent 24.x launches a ksh script that in turn launches a perl script, both the ksh and perl processes remain on the system after the job is cancelled. This is not expected: the agent should have killed the whole group of processes, as it does on version 21 or when agent 24.x is started with separation of privileges (user_service_pkg started as root).

Expected behavior: when a job is cancelled, all subprocesses should be cancelled immediately (as occurs on agent v24 with privilege separation or with agent v21).
Actual behavior: if agent v24 on Linux is started as root (without privilege separation), the subprocesses of jobs launched as another user are not cancelled when the job is cancelled.

The only time the subprocess is canceled is if the binary is owned by root AND setuid is set.
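
To check whether a cancel on a given agent leaves job subprocesses behind, snapshot the job's process tree before the cancel and compare it afterwards. The script below is an added example, not vendor code; the function names are illustrative, and the top-level job pid is assumed to be known to the operator.

```shell
# Added example, not vendor code: list processes from a job's tree that outlive
# a cancel. Function names are illustrative; the job pid is supplied by you.

# Print "pid ppid" for every process; falls back to Linux /proc if ps is absent.
proc_table() {
    if command -v ps >/dev/null 2>&1; then
        ps -e -o pid= -o ppid=
    else
        for f in /proc/[0-9]*/stat; do
            sed 's/^\([0-9]*\) (.*) [A-Za-z] \([0-9]*\) .*/\1 \2/' "$f" 2>/dev/null || true
        done
    fi
}

# Print the given pid and all of its descendants (one snapshot, one pid per line).
job_tree() {
    proc_table | awk -v root="$1" '
        { parent[$1] = $2 }
        END {
            keep[root] = 1
            do {
                grew = 0
                for (p in parent)
                    if (!(p in keep) && (parent[p] in keep)) { keep[p] = 1; grew = 1 }
            } while (grew)
            for (p in keep) print p
        }'
}

# Read a saved pid list on stdin; print the pids that still exist.
survivors() {
    saved=$(tr '\n' ' ')
    proc_table | awk -v saved="$saved" '
        BEGIN { n = split(saved, a, " "); for (i = 1; i <= n; i++) want[a[i]] = 1 }
        ($1 in want) { print $1 }'
}

# Constructed demo: a shell "job" with one child; only the parent is killed,
# which mimics the defective cancel. Prints the pids left behind.
demo_parent_only_cancel() {
    sh -c 'sleep 30 & wait' >/dev/null 2>&1 &
    job=$!
    sleep 1
    tree=$(job_tree "$job")
    kill -KILL "$job"; wait "$job" 2>/dev/null || true
    left=$(echo "$tree" | survivors)
    for p in $left; do kill "$p" 2>/dev/null || true; done   # demo cleanup
    echo "$left"
}
```

On a real agent host, save the output of job_tree for the job's top-level pid to a file before cancelling, then feed that file to survivors after the cancel; an empty result matches the expected behavior. Compare soon after the cancel, since pids can be reused and a process not yet reaped by its parent still appears in the table.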

Environment

Agent Unix Java version prior to 24.4.4

OS: Linux and AIX only

Cause

This is a defect, tracked with DE181532. The defect occurs in the following three situations:

  • The binary is owned by a non-root user (no setuid): If the agent binary is owned by the automic user without the setuid bit set.
  • The binary is owned by a non-root user (with setuid): If the setuid bit is set, but the agent binary is still owned by the automic user instead of root.
  • The binary is owned by/started as root (no privilege separation): If the agent is started as root without proper privilege separation configured.

Resolution

Workaround:

Downgrade to Linux Agent 21.x, where this issue does not occur, or start the agent with privilege separation; refer to the documentation here

Solution:

Update to a fix version listed below or a newer version if available.

Fix version:
Component(s): Agent Unix Java

Automation.Engine 24.4.4 - Released in March 2026

Additional Information

Public Title: Agent Unix does not end child processes of a Job when started as not privileged or as root.

Public Description: An issue has been solved that caused the Unix Agent to leave child processes running and ignore resource limits for jobs executed by either unprivileged users or the root user.