https://docs.protegrity.com/protectors/10.1/docs/ap/ap_java/upgrade/set_upg_agent/permissions/Recent content in Protegrity SDK Upgrade Permissions and Deployment onHugoenhttps://docs.protegrity.com/protectors/10.1/docs/ap/ap_java/upgrade/set_upg_agent/permissions/user_role_group/Mon, 01 Jan 0001 00:00:00 +0000https://docs.protegrity.com/protectors/10.1/docs/ap/ap_java/upgrade/set_upg_agent/permissions/user_role_group/<h2 id="groups">Groups</h2> <table> <thead> <tr> <th>Group</th> <th>Purpose</th> <th>Example</th> </tr> </thead> <tbody> <tr> <td>Admin group</td> <td>Users who manage the Upgrade Agent, RPAgent, and Log Forwarder. This group is always required.</td> <td><code>ptyadmin</code></td> </tr> <tr> <td>SDK users group</td> <td>AP Java users who run applications using the SDK.</td> <td><code>ptyusers</code></td> </tr> </tbody> </table> <h2 id="user-configuration-examples">User Configuration Examples</h2> <table> <thead> <tr> <th>User</th> <th>Primary Group</th> <th>Purpose</th> </tr> </thead> <tbody> <tr> <td><code>ptyadmin</code></td> <td><code>ptyadmin</code></td> <td>Admin user who can install and run Upgrade Agent, RPAgent, Log Forwarder, and AP Java.</td> </tr> <tr> <td><code>ptyuser1</code>, <code>ptyuser2</code>, and so on</td> <td><code>ptyadmin</code></td> <td>AP Java user who can run application using the SDK.</td> </tr> </tbody> </table> <h2 id="user-and-group-setup-commands">User and Group Setup Commands</h2> <p>This section provide commands to create users and groups on Linux.</p>https://docs.protegrity.com/protectors/10.1/docs/ap/ap_java/upgrade/set_upg_agent/permissions/component/Mon, 01 Jan 0001 00:00:00 +0000https://docs.protegrity.com/protectors/10.1/docs/ap/ap_java/upgrade/set_upg_agent/permissions/component/<p>All Protegrity components are owned and primarily run by the <code>ptyadmin</code> user. The following table lists the components and their ownership.</p> <table> <thead> <tr> <th>Component</th> <th>Description</th> <th>Owner or User^*</th> <th>Who Runs It</th> </tr> </thead> <tbody> <tr> <td><strong>Upgrade Agent</strong></td> <td>Upgrades and rolls back Protegrity components.</td> <td><code>ptyadmin</code></td> <td><code>ptyadmin</code> user</td> </tr> <tr> <td><strong>AP Java SDK</strong></td> <td>Java libraries used by applications to protect and unprotect data.</td> <td><code>ptyadmin</code></td> <td>User (<code>ptyuser1</code>) in the <code>ptyadmin</code> group.</td> </tr> <tr> <td><strong>RPAgent</strong></td> <td>Downloads and keeps security policy packages in sync.</td> <td><code>ptyadmin</code></td> <td><code>ptyadmin</code> user</td> </tr> <tr> <td><strong>Log Forwarder</strong></td> <td>- Collects logs and forwards them to the ESA. <br> - It is based on Fluent Bit.</td> <td><code>ptyadmin</code></td> <td><code>ptyadmin</code> user</td> </tr> </tbody> </table> <p>^* - All components are owned by <code>ptyadmin</code>.</p>https://docs.protegrity.com/protectors/10.1/docs/ap/ap_java/upgrade/set_upg_agent/permissions/file_folder_permissions/Mon, 01 Jan 0001 00:00:00 +0000https://docs.protegrity.com/protectors/10.1/docs/ap/ap_java/upgrade/set_upg_agent/permissions/file_folder_permissions/<p>This section explains the required users and groups, core components, and recommended file permissions for running Protegrity Upgrade Agent and the AP Java SDK securely on Linux systems.</p> <blockquote> <p><strong>Note</strong>: The user running the Upgrade Agent must own the extracted old SDK build used for the upgrade. If a local path is configured in <code>sdkupgrd.conf</code>, the user must also own the downloaded new build.</p></blockquote> <p>The following tables describe which users can access specific directories under the Upgrade Agent installation and explain why these permissions are required.</p>