Reputation: 35
MQ v9 - Start trigger monitor automatically AND with no mqm user
good afternoon!
I know we can start trigger monitor with non mqm user using scripts. I would like to know if there is a way to setup a service to start the trigger monitor when qmgr starts, and using a different user id from mqm.
Regards
Upvotes: 0
Views: 139
Answers (1)
Reputation: 7525
When using a SERVICE object in IBM MQ, the command you run (i.e. what you place in the STARTCMD attribute) is run with mqm authority. This is stated explicitly in Knowledge Center.
Attention: This command allows a user to run an arbitrary command with mqm authority. If granted rights to use this command, a malicious or careless user could define a service which damages your systems or data, for example, by deleting essential files.
If you have a script that does what you need, you can put the script in the STARTCMD attribute. If that script changes the user ID, and then runs the program, then as long as the mqm group user ID has permission to do what is in the script, won't that still work?
Upvotes: 1
Related Questions
- How can I configure triggering in IBM WebSphere MQ Explorer?
- Monitoring MQGET
- Trigger Monitor as an MQ Service object - how to get status
- Run MQSC Command via SYSTEM.ADMIN.COMMAND.EVENT
- Trigger monitor does not work
- Websphere MQ 7.1 Automatic Startup
- How can we use a trigger in IBM MQ?
- Triggering for events
- Trigger Monitor in JMS Provider like MQ Series
- IBM WebSphere MQ Triggering issue