Set permissions manually for the administration server

For IBM HTTP Server administration server, the setupadm script creates users and groups and sets file permissions for them. This topic describes how to do this manually.

 

Overview

Perform the following steps to create users and groups and set file permissions.

 

Procedure

• Create a new user and unique group for the IBM HTTP Server administration server.

  • 

    1. Launch SMIT.

    2. Click Security and Users.

    3. Click Groups > Add a Group.

    4. Enter the group name, for example, admingrp.

    5. Click OK. Go back to Security and Users.

    6. Click Users > Add a User.

    7. Enter the user name, for example, adminuser.

    8. Enter the primary group we just created.

    9. Click OK.

  • 

    • Execute from a command line:

      groupadd <group_name>
      useradd -g <group_name> <user_ID>
      
      

  • 

    1. Launch the administration tool.

    2. Click Browse > Groups.

    3. Click Edit > Add.

    4. Enter the group name, for example, admingrp.

    5. Click OK.

    6. Click Browse > Users.

    7. Click Edit > Add.

    8. Enter the user name, for example, adminuser and the primary group name, for example, admingrp.

    9. Click OK.

• Updating file permissions.

  Once we have created a user and group, set up file permissions as follows:

  1. Update the permissions for the targeted IBM HTTP Server conf directory.

     1. At a command prompt, change to the directory where we installed IBM HTTP Server.

     2. Type the following commands:

        chgrp <group_name> <directory_name>
        chmod g+rw <directory_name>
        
        

  2. Update the file permission for the targeted IBM HTTP Server configuration files.

     1. At a command prompt, change to the directory that contains the configuration files.

     2. Type the following commands:

        chgrp <group_name> <file_name>
        chmod g+rw <file_name>
        
        

  3. Update the admin.conf configuration file for the IBM HTTP Server administration server.

     1. Change to the IBM HTTP Server administration server admin.conf directory.

     2. Search for the following lines in the admin.conf file:

        User nobody
        Group nobody
        
        

     3. Change those lines to reflect the user ID and unique group name we created. For example:

        User userID
        Group group_name
        
        

  4. Update the file permission for the targeted plug-in configuration files.

     1. At a command prompt, change to the directory that contains the plug-in configuration files.

     2. Type the following commands:

        chgrp <group_name> <file_name>
        chmod g+rw <file_name>
        
        

 

Results

We have set up read and write access for the configuration and authentication files. Now we can perform Web server configuration data administration.