Maintaining MID Server as non-root user fails after installation

Imi NOW
Tera Contributor

Dear community,

we face an problem regarding MID Server installation and maintenance as non-root user on managed Linux servers.

 

We've followed the guide: 

https://docs.servicenow.com/bundle/washingtondc-servicenow-platform/page/product/mid-server/task/t_I...

 

Things are on place:

  • managed virtual servers prepared
  • .zip package unzipped on respective servers (mid.washingtondc-12-20-2023__patch3-hotfix1-05-12-2024_05-16-2024_0813.linux.x86-64.zip)
  • respective users created for each mid server + mid_server role assigned

We've installed the MID server by silent installation by root user:

 

./installer.sh -silent -INSTANCE_URL
https://xxx.service-now.com
-MUTUAL_AUTH N -MID_USERNAME midserver.x01.user -MID_PASSWORD xxxxxxx -USE_PROXY Y -PROXY_HOST app-proxy-bulk -PROXY_PORT 8080 -MID_NAME snm-x-01 -APP_NAME midserver -APP_LONG_NAME server-snm-x-01 -CERTIFICATE_REVOCATION N -NON_ROOT_USER midserver

 

Server: Virtual Machine VMWare - Linux RedHat v. 9.4
Path: /opt/servicenow/snm-x-01/agent

 

After installing as root user, the non-root user 'midserver' can't execute commands ./start.sh, ./stop.sh on machine directly, getting error message as shown in attachment. If button 'Validate' is clicked, the state 'Validating' takes ages - only way how to validate mid server is restart it.

The UI Action in instance as Pause MID, Restart MID, Upgrade MID aren't working at all.

 

We've found the KB - https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB0815542 but this is not sufficient for us, since the installation is in /opt/ folder --- "On system using systemd, you may need to create PolKit rules and SELinux policies for the MID Server. The policies are only needed when you see the related errors. SELinux errors can occur when installing the MID Server in a home directory, but do not appear if installing in a common place such as /opt. "

 

The file mid.shconf_override has been edited and installed as mentioned in the manual.

 

The only way how to start/stop/restart service is using the command sudo /usr/bin/systemctl start midserver.service which works, but is not satisfactory since the restart from the instance is not working and e.g. stopping the service from MID server using the ./stop.sh is not working too.

 

Could you please help us?

 

Thank you!

1 ACCEPTED SOLUTION

Per Kristian1
Tera Expert

We had to add a polkit rule although we did install in /opt/. See this post as well: https://www.servicenow.com/community/now-platform-forum/mid-server-auto-upgrade-issue/m-p/1088634/pa...

View solution in original post

2 REPLIES 2

Per Kristian1
Tera Expert

We had to add a polkit rule although we did install in /opt/. See this post as well: https://www.servicenow.com/community/now-platform-forum/mid-server-auto-upgrade-issue/m-p/1088634/pa...

Thanks a million @Per Kristian1 !!!!

The enhanced PolKit script you shared is even better what ServiceNow proposed. Using official ServiceNow PolKit have a rights to manage all systemctl which was denied by our OS team.