I thought you said your MQ server binded to port 80?
"Wyatt, T. Rob" <[EMAIL PROTECTED] To: [EMAIL PROTECTED] MERICA.COM> cc: Sent by: MQSeries Subject: Re: mqm group List <[EMAIL PROTECTED] C.AT> 10/01/2003 10:39 AM Please respond to MQSeries List Doesn't the web server bind to port 80 for HTTP? -----Original Message----- From: Rick Tsujimoto [mailto:[EMAIL PROTECTED] Sent: Wednesday, October 01, 2003 9:21 AM To: [EMAIL PROTECTED] Subject: Re: mqm group T. Rob, Why bind to a port below 1024? "Wyatt, T. Rob" <[EMAIL PROTECTED] To: [EMAIL PROTECTED] MERICA.COM> cc: Sent by: MQSeries Subject: Re: mqm group List <[EMAIL PROTECTED] C.AT> 10/01/2003 07:43 AM Please respond to MQSeries List Navin, When I was installing AppWatch on our Solaris server I discovered that I couldn't start the web server as mqm. Seems you need root privileges to bind to any port below 1024. Our sysadmin created a Power Broker profile that allows me to start the server as mqm *and* bind to port 80. We happen to have Power Broker but this could have been accomplished using any of several tools, including those that are built in to the OS. If your sysadmin needs convincing, you could write a script that puts root in the mqm group. Don't actually run it, just show it to him and explain that, with Web Logic running as root, you could execute this script (or any other) with Web Logic's root privileges and gain complete control of the server. Then if he's still not convinced, run the script under Web Logic. within a day or two, you'll have the server running under it's own group. --- T.Rob -----Original Message----- From: Navin Vali [mailto:[EMAIL PROTECTED] Sent: Wednesday, October 01, 2003 6:27 AM To: [EMAIL PROTECTED] Subject: Re: mqm group Hi Hubert , Thanks for the response. Yes the logical thing to do is to create a weblogic user to start and stop weblogic and this user could be setmqaut , thus can talk to queue manager. But our system admin was insisting to give weblogic start stop rights to only root, and root is not part of mqm . We are in the process of convincing the sys admin to implement the setup you suggested. Thanks anyway for the suggestion, cheers Navin Please respond to MQSeries List <[EMAIL PROTECTED]> Sent by: MQSeries List <[EMAIL PROTECTED]> To: MQSERIES cc: bcc: Subject: Re: mqm group Navin, why do you run Weblogic as root? I would create a new user and group (lets say 'weblogic' for both) an run Weblogic using this ID. Set then the MQ permissions using setmqaut for the group 'weblogic'. Remember, setting permissions using setmqaut for a user on unix sets them for the primary group. So I always use the command: setmqaut -m YourQMGR -t qmgr -g YourGroup +connect +inq +dsp Regards Hubert -----Ursprüngliche Nachricht----- Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Gesendet: Dienstag, 30. September 2003 19:57 An: [EMAIL PROTECTED] Betreff: Réf. : Re: mqm group Hello, Why dont you use the setmqaut command to give the qmgr authorizations you want, for example: setmqaut -m YourQMGR -t qmgr -p root +connect +inq +dsp and use the same command for the queue authorization you want. Michel Jalette, CGI. Pavel Tolkachev <[EMAIL PROTECTED]>@AKH-Wien.AC.AT> on 2003-09-30 13:08:17 Veuillez répondre à MQSeries List <[EMAIL PROTECTED]> Envoyé par : MQSeries List <[EMAIL PROTECTED]> Pour : [EMAIL PROTECTED] cc : Objet : Re: mqm group Hi Navin, It depends on your policies, but if you could get sudo for something like a 2-line script, you could use 'newgrp mqm' as its first command, (the 2nd line would run the thing you need). Then the process would be run under root:mqm even though root would not be in a mqm group on a permanent basis. Hope this will help, Pavel Navin Vali <[EMAIL PROTECTED] To: [EMAIL PROTECTED] IRWAYS.COM> cc: Sent by: MQSeries Subject: mqm group List <[EMAIL PROTECTED] C.AT> 09/30/2003 12:39 PM Please respond to MQSeries List Hi All , The problem is, we are starting the communication server on Weblogic using the sudo command. The sudo command will start Weblogic as the "root" user. All the processes created by this Weblogic instance will be owned by root. WL server tries to connect to MQ Queues as the "root" user. However the root user is not part of the mqm group and so MQ returns authentication failure. We requested to add root to the mqm group but they security folks have refused permission to add root to mqm group due to security and other issues. Now is there any way we can resolve this issue? Starting and stopping of weblogic rights can only be given to root and root cannot be part of mqm. Although we have a mqadmin user which is part of mqm. Is there a way that we can start weblogic using root but when its up it runs as mqadmin? Any help will be highly appreciated. Thanks in Advance Navin ---------------------------------------------------------------------------- --------------------- Get the best from British Airways at ba.com http://www.ba.com -- This e-mail may contain confidential and/or privileged information. If you are not the intended recipient (or have received this e-mail in error) please notify the sender immediately and destroy this e-mail. Any unauthorized copying, disclosure or distribution of the material in this e-mail is strictly forbidden. Instructions for managing your mailing list subscription are provided in the Listserv General Users Guide available at http://www.lsoft.com Archive: http://vm.akh-wien.ac.at/MQSeries.archive Instructions for managing your mailing list subscription are provided in the Listserv General Users Guide available at http://www.lsoft.com Archive: http://vm.akh-wien.ac.at/MQSeries.archive Instructions for managing your mailing list subscription are provided in the Listserv General Users Guide available at http://www.lsoft.com Archive: http://vm.akh-wien.ac.at/MQSeries.archive Instructions for managing your mailing list subscription are provided in the Listserv General Users Guide available at http://www.lsoft.com Archive: http://vm.akh-wien.ac.at/MQSeries.archive Instructions for managing your mailing list subscription are provided in the Listserv General Users Guide available at http://www.lsoft.com Archive: http://vm.akh-wien.ac.at/MQSeries.archive Instructions for managing your mailing list subscription are provided in the Listserv General Users Guide available at http://www.lsoft.com Archive: http://vm.akh-wien.ac.at/MQSeries.archive