PingIDM 7.5.0

IDM as a Linux service

IDM provides a script that can generate SysV or Systemd service initialization scripts. You can start the script as the root user, or configure it to start during the boot process.

When IDM runs as a service, logs are written to the installation directory.

  1. If you have not yet installed IDM, follow the steps in Install IDM.

  2. Review the options by running the following script:

    /path/to/openidm/bin/create-openidm-rc.sh
    Usage: ./create-openidm-rc.sh --[systemd|chkconfig|lsb]
    Outputs OpenIDM init file to stdout for the given system
    
    --systemd    Generate Systemd init script. This is preferred for all modern distros.
    --chkconfig  Generate SysV init script with chkconfig headers (RedHat/CentOS)
    --lsb        Generate SysV init script with LSB headers (Debian/Ubuntu)
    ...

These examples describe how to create each of these scripts:

Set up a Systemd Service

If you’re running relatively standard versions of Red Hat Enterprise Linux (CentOS Linux) version 7.x, or Ubuntu 16.04 and later, you’ll want to set up a systemd service script. To set up such a script, navigate to the /path/to/openidm/bin directory, and run the following command:

/path/to/openidm/bin/create-openidm-rc.sh --systemd

As noted in the output, you can set up the IDM service on a standard systemd-based Linux distribution with the following commands:

/path/to/openidm/bin/create-openidm-rc.sh --systemd > openidm.service
sudo cp openidm.service /etc/systemd/system/
systemctl enable openidm
systemctl start openidm

To stop the IDM service, run the following command:

systemctl stop openidm

You can modify the openidm.service script. The following excerpt would run IDM with a startup script in the /home/idm/project directory:

[Unit]
Description=ForgeRock OpenIDM
After=network.target auditd.target

[Service]
Type=simple
SuccessExitStatus=143
Environment=JAVA_HOME=/usr
User=testuser
ExecStart=/root/openidm/startup.sh -p /home/idm/project
ExecStop=/root/openidm/shutdown.sh

[Install]
WantedBy=multi-user.target

Run the following command to reload the configuration and then start the IDM service script:

systemctl daemon-reload
systemctl start openidm
Set up a SysV Service (Red Hat)

If you are running standard versions of Red Hat Enterprise Linux (CentOS Linux) version 6.x, set up a SysV service script with runlevels controlled through the chkconfig command. To set up such a script, run the following command:

/path/to/openidm/bin/create-openidm-rc.sh --chkconfig

You can then set up and start the IDM service on a Linux distribution that uses SysV init scripts, with the following commands:

/path/to/openidm/bin/create-openidm-rc.sh --chkconfig  > openidm
sudo cp openidm /etc/init.d/
sudo chmod u+x /etc/init.d/openidm
sudo chkconfig --add openidm
sudo chkconfig openidm on
sudo service openidm start

To stop the IDM service, run the following command:

sudo service openidm stop

You can modify the /etc/init.d/openidm script. The following excerpt would run IDM with the startup.sh script in the /path/to/openidm directory:

START_CMD="PATH=$JAVA_BIN_PATH:$PATH;nohup $OPENIDM_HOME/startup.sh >$OPENIDM_HOME/logs/server.out 2>&1 &"

You can modify this line to point to some /path/to/production directory:

START_CMD="PATH=$JAVA_BIN_PATH:$PATH;nohup $OPENIDM_HOME/startup.sh -p /path/to/production >$OPENIDM_HOME/logs/server.out 2>&1 &"

Run the following command to reload the configuration and then start the IDM service script:

sudo service openidm start

If you run Linux with SELinux enabled, change the file context of the newly copied script with the following command:

sudo restorecon /etc/init.d/openidm

Verify the change to SELinux contexts with the ls -Z /etc/init.d command. For consistency, change the user context to match other scripts in the same directory with the sudo chcon -u system_u /etc/init.d/openidm command.

Set up a SysV Service (Ubuntu)

If you’re running an older version of Ubuntu Linux that supports SysV services, set up a SysV service script, with runlevels controlled through the update-rc.d command. To set up such a script, run the following command:

/path/to/openidm/bin/create-openidm-rc.sh --lsb

You can then set up and start the IDM service on a Linux distribution that uses SysV init scripts, with the following commands:

/path/to/openidm/bin/create-openidm-rc.sh --lsb  > openidm
sudo cp openidm /etc/init.d/
sudo chmod u+x /etc/init.d/openidm
sudo update-rc.d openidm defaults
sudo service openidm start

To stop the IDM service, run the following command:

sudo service openidm stop

You can modify the /etc/init.d/openidm script. The following excerpt would run IDM with the startup.sh script in the /path/to/openidm directory:

START_CMD="PATH=$JAVA_BIN_PATH:$PATH;nohup $OPENIDM_HOME/startup.sh >$OPENIDM_HOME/logs/server.out 2>&1 &"

You can modify this line to point to some /path/to/production directory:

START_CMD="PATH=$JAVA_BIN_PATH:$PATH;nohup $OPENIDM_HOME/startup.sh -p /path/to/production >$OPENIDM_HOME/logs/server.out 2>&1 &"

You can then run the following command to reload the configuration and then start the IDM service script:

sudo service openidm restart
Copyright © 2010-2024 ForgeRock, all rights reserved.