3.3 Installing on Solaris

Novell Audit 2.0 can be installed on Solaris 8, 9, and 10.

Solaris 8 requires GCC 3.3 and zlib 1.2.3 to function as a Secure Logging Server. Without GCC3.3, applications fail to authenticate to the logging server. The resulting error in nproduct.log is Failed SSL Handshake.

IMPORTANT:When you install the full version of Novell Audit, the license file (*.nlf) is installed with the product and the product is automatically activated; that is, you can configure all the product channels and instrumentations.

If you install the Novell Audit Starter Pack, the product is not licensed and you have only limited functionality. If you want to upgrade to the full version, you must purchase a product license. For more information on activating the full version of Novell Audit, see Section 3.5, Activating Novell Audit.

To install Novell Audit on Solaris:

  1. Log in as root on the host.

  2. Insert the CD into the drive.

    If the Volume Manager (vold) is running on your system, the CD is automatically mounted as /cdrom/CDROM.

  3. (Optional) If the Volume Manager is not running on your system, complete the following steps to mount the CD:

    1. Determine the name of the device by entering the following command:

       ls -al /dev/sr* |awk '{print "/" $11}' 
      
    2. Enter the following commands to mount the CD-ROM:

      mkdir -p /cdrom/CDROM 
           mount -F hsfs -o ro device_name /cdrom/CDROM 
      
  4. Enter the following command to go to the directory for the Novell Audit Solaris install:

    cd /cdrom/CDROM/Solaris
    
  5. From the setup directory for the Novell Audit Solaris install, enter the following command at the Solaris console to begin the installation:

    ./pinstall.sol

    If you receive a Permission Denied error when attempting to execute the install script, you might need to grant execute rights to pinstall.lin by running chmod 755 pinstall.sol.

  6. Accept the license agreement.

  7. Select your install options.

    Option

    Description

    Platform Agent

    Installs the Novell Audit Platform Agent (liblogevent.so) and the Log Parser (logparse).

    The Platform Agent must be installed on any server that you want to report events.

    eDirectory Instrumentation Files with Platform Agent

    Installs the eDirectory Instrumentation (libauditDS.so), the Platform Agent (liblogevent.so), and the Log Parser (logparse).

    The eDirectory instrumentation must be installed on any server that you want to report eDirectory events. This option automatically installs the Platform Agent, regardless of whether the Platform Agent option is selected.

    Extend Schema

    Adds the Novell Audit schema extensions to eDirectory.

    NOTE:If you select only this option, you are returned to the Linux console after the eDirectory schema is extended.

    Novell Audit Secure Logging Server

    Installs the Novell Audit Secure Logging Server (lengine), the Novell Audit eDirectory Instrumentation (libauditDS.so), the Platform Agent (liblogevent.so), the Log Parser (logparse), and adds the Novell Audit 2.0 schema extensions to eDirectory.

    The Secure Logging Server securely receives reported events.

    NOTE:If you want more than one Secure Logging Server in the tree, we recommend that you create separate eDirectory organizational units as containers for each Secure Logging Server’s configuration objects.

  8. To add the Novell Audit schema extensions, enter the user name and password of an administrator with rights to the root of the eDirectory tree. This logs you into the AuditExt utility.

    If the admin object is not in the same context as the current server, you must use the object’s fully distinguished name (for example, .Admin.Accounts.Finance.YourCo).

  9. After logging in to AuditExt, select from the following options:

    AuditExt Options

    Action

    Add Schema Extensions

    Adds the Novell Audit 2.0 schema objects.

    IMPORTANT:This does not destroy or overwrite any objects in your current eDirectory tree.

    Remove Schema Extensions

    Removes all Novell Audit schema extensions from the eDirectory tree.

    This option is required to uninstall Novell Audit.

    WARNING:This option deletes all existing Novell Audit objects from eDirectory.

    Configure This Server

    Configures the Secure Logging Server. Depending on the installation, it performs one of the following actions:

    • For a new installation, it creates the Secure Logging Server object in Logging Services, creates a File Channel object in the Logging Services Channel container, and configures the Secure Logging Server to log events to the File channel. It also creates a Monitor channel for iManager.

    • For an upgrade installation, it upgrades the Novell Audit 1.0.3 objects to the Novell Audit 2.0 schema.

    If you choose to configure the Secure Logging Server, you are prompted as follows:

    1. AuditExt automatically creates the Secure Logging Server name as “server_name Logging Server.”

    2. Choose if you want to create all Novell Audit objects in the Logging Services container.

      NOTE:Logging Services is the default container for all Novell Audit objects in eDirectory.

      If you select No, you must provide the name of an existing organizational unit in which AuditExt can create the Secure Logging Server and its associated objects.

    3. When you’re finished, press Esc, then click Yes.

    Exit AuditExt

    Closes the AuditExt utility.

  10. When finished, select Exit AuditExt.

  11. When the installation is complete, the Secure Logging Server automatically launches.

  12. Choose if you want to load the Platform Agent.

  13. If you select Yes, you are asked if you want to overwrite the pre-existing Platform Agent configuration file (logevent.conf).

  14. Choose if you want to load the eDirectory Instrumentation.

    Novell Audit adds the following command to the ndsmodules.conf file to automatically load the eDirectory Instrumentation with eDirectory:

    auditDS auto #NSure Audit Platform Agent
    

    NOTE:On eDirectory 8.7, the path to the ndsmodules.conf file is /usr/lib/nds-modules/ndsmodules.conf. On eDirectory 8.8, the path is /etc/opt/novell/eDirectory/nds-modules/ndsmodules.conf.

    Remove this command if you do not want the eDirectory instrumentation to automatically load.

    To manually start the eDirectory instrumentation, enter:

    ndstrace -c “load auditDS”
    
  15. After you install Novell Audit, iManager 2.0 or above detects that you have a new plug-in and prompts you to install it.

When the installation is complete, the Secure Logging Server automatically launches, and the following command is added to /etc/init.d/naudit to automatically load the eDirectory instrumentation with eDirectory:

ndstrace -c "load auditDS"

Remove this command if you do not want the eDirectory instrumentation to automatically load.

To manually start the eDirectory instrumentation, run the following command from the Solaris console:

ndstrace -c "load auditDS"