ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Why WebServer user is required to have write permission on the "SmHost.conf" file?

book

Article ID: 50544

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On

Issue/Introduction

Description:

Following warning message is logged when Apache is started:

[Warning] SiteMinder Agent - Siteminder Web Agent not having write permissions on host configuration file. Permission denied. Please assign write privileges to the user apache for the file /exec/products/webagent/r12/config/SmHost.conf

Solution:

Write permission is required if Shared Secret Rollover is enabled. Webagent by default checks if it has the write permission on SmHost.conf file. If it doesn't have it then it will print the warning message.

However, there is no issue as long as Shared Secret Rollover is not enabled.

If Shared Secret Rollover is enabled then WebServer user should have write permission to the SmHost.conf file otherwise webagent will not function properly.

Environment

Release:
Component: SMAPC