While the install routine must be logged in as root (with UID 0), it is not only supported but also recommended to run the PASOE instance as a non-root user in
production.
In order to run a PASOE instance as a non-root user, the following steps are necessary:
- Verify the $DLC/bin executables are owned by root and have 4755 permissions, Refer to Article How should I set permissions for Progress executables and database files on UNIX ?
- Change the ownership of CATALINA_HOME ($DLC/servers/pasoe) and CATALINA_BASE (The instance's location) directories and all files under to be owned by the same group as the user that will be starting the PASOE instance. For example: The user that starts the PASOE instance belongs to the 'progress' group:
chown -R root:progress $DLC/servers/pasoe <instance path>
- Run tcman/pasman while logged in as the chosen username or run the instance as that user, for example: "su someuser -c <command>" or "runuser -l userNameHere -c 'command' "
- Permissions of the files generated by PASOE can be tailored to requirement depending on the security model. Refer to Article How to change the umask value for PASOE
