Securing the Database Interface Configuration File

Use the following procedure to secure the database interface configuration file.

Some companies use a security and data access strategy that includes determination of the database user and password in the database interface configuration file. If this is your situation, you can secure the db.cfg file using operating system methods, but you must restrict knowledge of the database user name and password for Lawson products.

  1. Secure the db.cfg file using operating system methods.

    For example, type:

    chmod 660 $LARUNDIR/dataarea/db.cfg

  2. Create a UNIX group for the users who require access to the db.cfg file.

    For example, type:

    groupadd law_adm_grp

  3. Add these users and any others that your Landmark configuration requires to the law_adm_grp group:
    • The Landmark user lawson

    • The database administrator

    • Any user who performs database administration tasks or runs a command line utility that accesses the database

    • The user that the WebSphere application server process runs as

    For example, type

    useradd username -g law_adm_grp (to add a new user to the group)

    – or –

    usermod username -g law_adm_grp (to add an existing user to the group)

  4. Grant access to the db.cfg file by making the Lawson owners group ( law_adm_grp ) the owner of the file.

    For example, type:

    chgrp law_adm_grp $LARUNDIR/dataarea/db.cfg