The js-io-rights.conf file contains rules that permit write access to defined directories in the server file system.
Mandatory Content of the js-io-rights.conf File
Each line of the js-io-rights.conf file must contain the following information.
- A plus (
+
) or minus (-
) sign to indicate whether rights are permitted or denied - The read (
r
), write (w
), and run (x
) levels of rights - The path on which to apply the rights.
Note: The root folder for the js-io-rights.conf file is always /var/run/vco. In the Automation Orchestrator Appliance file system, this folder is located under /data/vco/var/run/vco. All content with access to the Automation Orchestrator file system must be mapped under this root folder.
Default Content of the js-io-rights.conf File
The default content of the js-io-rights.conf configuration file in the Orchestrator Appliance is as follows:
-rwx / +rwx /var/run/vco +rx /etc/vco -rwx /etc/vco/app-server/security/ +rx /var/log/vco/
Rules in the js-io-rights.conf File
Automation Orchestrator resolves access rights in the order they appear in the js-io-rights.conf file. Each line can override the previous lines.
Important: You can permit access to all parts of the file system by setting
+rwx /
in the
js-io-rights.conf file. However, doing so represents a high security risk.