3.2 Installing on Linux

Novell Audit 2.0 can be installed on SUSE® Linux Enterprise Server 9 or Red Hat Linux AS and ES (3 and 4).

IMPORTANT:When you install the full version of Novell Audit, the license file (*.nlf) is installed with the product and the product is automatically activated; that is, you can configure all the product channels and instrumentations.

If you install the Novell Audit Starter Pack, the product is not licensed and you have only limited functionality. If you want to upgrade to the full version, you must purchase a product license. For more information on activating the full version of Novell Audit, see Section 3.5, Activating Novell Audit.

To install Novell Audit on Linux:

  1. Log in as root on the host.

  2. Enter the following commands at the Linux console to mount the Novell Audit installation CD and go to the setup directory for the Novell Audit Linux install:

    Operating System

    Commands

    SUSE

    mount /media/cdrom

    cd /media/cdrom/Linux

    Red Hat

    mount /mnt/cdrom

    cd /mnt/cdrom/Linux

  3. From the setup directory for the Novell Audit Linux install, enter the following command at the Linux console to begin the installation:

    ./pinstall.lin

    If you receive a Permission Denied error when attempting to execute the install script, you might need to grant execute rights to pinstall.lin by running chmod 755 pinstall.lin.

  4. Accept the license agreement.

  5. Select your install options.

    Option

    Description

    Platform Agent

    Installs the Novell Audit Platform Agent (liblogevent.so) and the Log Parser (logparse).

    The Platform Agent must be installed on any server that you want to report events.

    eDirectory Instrumentation Files with Platform Agent

    Installs the eDirectory Instrumentation (libauditDS.so), the Platform Agent (liblogevent.so), and the Log Parser (logparse).

    The eDirectory instrumentation must be installed on any server that you want to report eDirectory events. This option automatically installs the Platform Agent, regardless of whether the Platform Agent option is selected.

    Extend Schema

    Adds the Novell Audit schema extensions to eDirectory.

    NOTE:If you select only this option, you are returned to the Linux console after the eDirectory schema is extended.

    Novell Audit Secure Logging Server

    Installs the Novell Audit Secure Logging Server (lengine), the Novell Audit eDirectory Instrumentation (libauditDS.so), the Platform Agent (liblogevent.so), the Log Parser (logparse), and adds the Novell Audit 2.0 schema extensions to eDirectory.

    The Secure Logging Server securely receives reported events.

    NOTE:If you want more than one Secure Logging Server in the tree, we recommend that you create separate eDirectory organizational units as containers for each Secure Logging Server’s configuration objects.

  6. To add the Novell Audit schema extensions, enter the user name and password of an administrator with rights to the root of the eDirectory tree. This logs you into the AuditExt utility.

    NOTE:If the admin object is not in the same context as the current server, you must use the object’s fully distinguished name (for example, .Admin.Accounts.Finance.YourCo).

  7. After logging in to AuditExt, select from the following options:

    AuditExt Options

    Action

    Add Schema Extensions

    Adds the Novell Audit 2.0 schema objects.

    IMPORTANT:This does not destroy or overwrite any objects in your current eDirectory tree.

    Remove Schema Extensions

    Removes all Novell Audit schema extensions from the eDirectory tree.

    This option is required to uninstall Novell Audit.

    WARNING:This option deletes all existing Novell Audit objects from eDirectory.

    Configure This Server

    Configures the Secure Logging Server. Depending on the installation, it performs one of the following actions:

    • For a new installation, it creates the Secure Logging Server object in Logging Services, creates a File Channel object in the Logging Services Channel container, and configures the Secure Logging Server to log events to the File channel. It also creates a Monitor channel for iManager.

    • For an upgrade installation, it upgrades the Novell Audit 1.0.3 objects to the Novell Audit 2.0 schema.

    If you choose to configure the Secure Logging Server, you are prompted as follows:

    1. AuditExt automatically creates the Secure Logging Server name as “server_name Logging Server.”

    2. Choose if you want to create all Novell Audit objects in the Logging Services container.

      NOTE:Logging Services is the default container for all Novell Audit objects in eDirectory.

      If you select No, you must provide the name of an existing organizational unit in which AuditExt can create the Secure Logging Server and its associated objects.

    3. When you’re finished, press Esc, then click Yes.

    Exit AuditExt

    Closes the AuditExt utility.

  8. When finished, select Exit AuditExt.

  9. When the installation is complete, the Secure Logging Server automatically launches.

  10. Choose if you want to load the Platform Agent.

  11. If you select Yes, you are asked if you want to overwrite the pre-existing Platform Agent configuration file (logevent.conf).

  12. Choose if you want to load the eDirectory Instrumentation.

    Novell Audit adds the following command to the ndsmodules.conf file to automatically load the eDirectory Instrumentation with eDirectory: 

    auditDS auto #NSure Audit Platform Agent

    NOTE:On eDirectory 8.7, the path to the ndsmodules.conf file is /usr/lib/nds-modules/ndsmodules.conf. On eDirectory 8.8, the path is /etc/opt/novell/eDirectory/nds-modules/ndsmodules.conf.

    Remove this command if you do not want the eDirectory instrumentation to automatically load.

    To manually start the eDirectory instrumentation, enter:

    ndstrace -c “load auditDS”

  13. After you install Novell Audit, iManager 2.0 or above detects that you have a new plug-in and prompts you to install it.