search cancel

How the Unix / Linux Agents handles job creation

book

Article ID: 90167

calendar_today

Updated On:

Products

CA Automic Workload Automation - Automation Engine

Issue/Introduction

How the Unix / Linux Agents handles job creation

Environment

Release: AUTWAB99000-11.0-Automic Workload Automation-Base Edition
Component:

Resolution

1. Password Check
 a. Local: User/PW Check usind Unix APIs
 b. PAM: If PAM Authentication is configured the Agent authorizes the User with PAM
  If pam_open_session is activated, the Agent calls pam_setcred() which is loading the User credentials
  According to the PAM documentation this includes the User Limits configured in in /etc/security/limits.conf

2. After the authorization process the Agent creates a Child process using the system api call fork()

3. the following Variables are updated immediately afterwards
 - LOGNAME copied from parent process and updated
 - LOGIN copied from parent process and updated
 - USER copied from parent process and updated
 - PWD copied from parent process and updated
 - SHELL copied from parent process and updated
 - HOME copied from parent process and updated
 - MAIL copied from parent process and updated
 - PATH copied from parent process, :sbin:/usr/sbin is appended
 - LANG copied from parent process
 - HZ copied from parent process
 - TERM copied from parent process
 - NETPATH copied from parent process
 - NLSPATH copied from parent process
 - TZ copied from parent process

4. if PAM is configured
 a. Child Process loads the Environment Variables of the User and applies them to the job
 b. Child Process starts pam_open_session()
  This creates a PAM-Session for the Jobs, please pay attention to the configured PAM-Session-Handling in UNIX/LINUX


5. Child Process starts the Job with the API call execle()

6. if a shell in 'login mode' (-bash, -ksh -- prefix '-' stands for login mode) is configured the Child process loads the environment.

 - e.g. for Korn Shell this would be /etc/profile and .profile from the home directory

 - Another way to open a shell in login mode is to use '-l'  in the shell options of the task.

 

 

7. Now settings from UC_SHELL_UNIX are applied.

8. Everything else is part of the job, you could use Headers or Trailers to set Variables, but thats part of the Job and not Agent functionality

Attachments