NetIQ Change Guardian UNIX Agent

Version 7.4

Release Notes

Date Published: March 2014
 

 

What's New?

System Requirements

Installing This Version

Known Issues

Contact Information

Legal Notice

 

 

NetIQ® Change GuardianTM UNIX Agent version 7.4 (UNIX agent) includes new features, improves usability, and resolves several issues. Many of these improvements were made in direct response to suggestions from our customers. We thank you for your time and valuable input. We hope you continue to help us ensure our products meet all your needs. You can post feedback in the Change Guardian product forum on NetIQ Communities, our online community that also includes product information, blogs, and links to helpful resources.

This version of the UNIX agent does not include files required for an AppManager or Security Manager environment. If you need to use the UNIX agent with Security Manager, continue to use the 7.3 version. If you need to use the UNIX agent with AppManager, download that version from the AppManager Suite Product Upgrades page.

The documentation for this product is available on the NetIQ Web site in HTML and PDF formats on a page that does not require you to log in. If you have suggestions for documentation improvements, click Add Comment at the bottom of any page in the HTML version of the documentation posted at the NetIQ Documentation page. To download this product, see the Novell Downloads Web site.

What's New?

This version of the UNIX Agent supports NetIQ Sentinel and includes software fixes that resolve previous issues.

Cannot Identify Disk Space on IBM AIX with Workload Partitioning

The UNIX agent no longer reports an Unable to obtain disk space error when you attempt to apply a patch to IBM AIX computers that use Workload Partitioning (WPAR). ENG323237

Cannot Import Extremely Large List of Agents

UNIX Agent Manager no longer has an extremely slow response time when importing more than 500 agents. ENG329423

Return to Top

System Requirements

For the most recently updated list of supported application versions, see the Change Guardian Supported Operating System page. Unless noted otherwise, the agent supports all updates, hotfixes, and service packs for the releases listed below.

The Change Guardian UNIX agent has the following system requirements:

  • Change Guardian version 4.0, 4.0.1, or 4.1
  • One of following operating systems on the computers you want to monitor:
    • CentOS on x86_32 or x86_64 (32-bit agent): 4, 5, and 6
    • CentOS on x86_64 (64-bit kernel, 32-bit agent): 4, 5, and 6
    • CentOS on Itanium (64-bit kernel, 64-bit agent): 4, 5, and 6
    • IBM AIX on IBM Power (32-bit kernel): 5.3, 6, and 7.1
    • IBM AIX on IBM Power (64-bit kernel, 32-bit agent): 5.3, 6, and 7.1
    • HP-UX on PA-RISC (64-bit kernel): 11.1x, 11iv2, and 11iv3
    • HP-UX on Itanium (64-bit kernel, 64-bit agent): 11iv2 and 11iv3
    • Oracle Linux on x86_32, x86_64, or PowerPC (32-bit agent): 4, 5, and 6
    • Oracle Linux on x86_64 or PowerPC (64-bit kernel, 32-bit agent): 4, 5, and 6
    • Oracle Linux on Itanium (64-bit kernel, 64-bit agent): 4, 5, and 6
    • Oracle Solaris on SPARC (64-bit kernel): 9, 10, and 11
    • Oracle Solaris on x86 (32-bit kernel): 10 and 11
    • Red Hat Advanced Server on x86_32, x86_64, or PowerPC (32-bit agent): 4, 5, and 6
    • Red Hat Advanced Server on x86_64 or PowerPC (64-bit kernel, 32-bit agent): 4, 5, and 6
    • Red Hat Advanced Server on Itanium (64-bit kernel, 64-bit agent): 4, 5, and 6
    • SUSE Linux Enterprise Server on x86, x86_64, or PowerPC (32-bit agent): 9, 10, and 11
    • SUSE Linux Enterprise Server on x86_64 or PowerPC (64-bit kernel, 32-bit agent): 9, 10, and 11
  • One of the following operating systems installed on the UNIX Agent Manager computer:
    • CentOS 6
    • Oracle Linux 6
    • Red Hat Advanced Server 6
    • SUSE Linux Enterprise Server 11
    • Windows 7 (32-bit and 64-bit)
    • Windows 8 (32-bit and 64-bit)
    • Windows 2008 Server R2
    • Windows 2008 Server (32-bit and 64-bit)
    • Windows 2012 Server

For more information, see the Change Guardian User Guide, included in the download package.

Return to Top

Installing This Version

The following steps provide an overview of how to install the UNIX agent:

  1. Install the UNIX Agent Manager Server.
  2. On the computers where you want to monitor agents, install the UNIX Agent Manager Console.
  3. On the UNIX and Linux computers you want to manage using Change Guardian, install UNIX agent 7.4.
  4. Add the computers you want to monitor to the list of computers to the Change Guardian console.

For more information about installing these components, or if you are upgrading from a previous release, see the Change Guardian User Guide, on the Change Guardian Documentation Web site.

Return to Top

Known Issues

NetIQ Corporation strives to ensure our products provide quality solutions for your enterprise software needs. You might encounter problems when running security checks that use the following objects and attributes.

  • The HP-UX 11iv3 auditing subsystem does not provide information for the utimes, utime, dup, or dup2 system calls. This limitation results in Change Guardian not reporting events for the utimes access type in the CGU FileMod object and not reporting events when the contents of a file changes. (ENG319908)
  • For events from HP-UX trusted computers, Change Guardian reports question marks in place of user names. (ENG318593)
  • Change Guardian does not properly identify failed mount attempts on HP-UX computers, and interprets all mounts as successful. (DOC319906)

  • On Linux computers, Change Guardian only reports events generated by a kill command as process terminations. If a process terminates in any other way, using a Control+C key combination, for example, Change Guardian does not report an event. (DOC323792)
  • For unmount events on Solaris 10 computers, Change Guardian reports incorrect process file path. (ENG322149)
  • When you monitor changes to the attributes of a file on a HP-UX computer, Change Guardian does not generate events when the time attribute changes. (DOC320724)
  • When monitoring directory attribute changes on AIX computers, Change Guardian does not always reports events when chown and touch system calls fail.

    NOTE: Change Guardian only reports failed system call events if the system call does not complete as designed. If a user provides incorrect arguments, the system call does not succeed, but it works as designed, so Change Guardian does not attempt to report a failed event. (ENG320366)

  • Change Guardian displays hexadecimal values for foreign language characters that are processed by the UDetect provider. The Udetect provider handles file system policies, file integrity policies, process policies, and mount file system policies. ENG329904
  • Change Guardian does not generate events related to files that are read-only. You can mitigate, but not eliminate, this issue, add -setpolicy [+|-]policy_flags to the auditing system. ENG320922
  • If you attempt to unreister the agent from Change Guardian, the UNIX agent continues to be registered, and Change Guardian reports the error ERROR: Failed to unregister agent from CGPR. If you want to continue to use the agent after attempting to unregister, you must re-installe the agent. ENG332297
  • On AIX computers, the InitiatorServiceName information is not accurate due to the fact that the AIX audit system does not record the full path to the executable if you do not use a full path. DOC321663
  • On SUSE computers, remote deployment by non-root users requires that the root account's password muyst be configured for sudo. DOC322103

    If you need further assistance with any issue, please contact Technical Support.

    Return to Top

    Contact Information

    Our goal is to provide documentation that meets your needs. If you have suggestions for improvements, please email Documentation-Feedback@netiq.com. We value your input and look forward to hearing from you.

    For detailed contact information, see the Support Contact Information Web site.

    For general corporate and product information, see the NetIQ Corporate Web site.

    For interactive conversations with your peers and NetIQ experts, become an active member of our community. The NetIQ online community provides product information, useful links to helpful resources, blogs, and social media channels.

    Return to Top

    Legal Notice

    THIS DOCUMENT AND THE SOFTWARE DESCRIBED IN THIS DOCUMENT ARE FURNISHED UNDER AND ARE SUBJECT TO THE TERMS OF A LICENSE AGREEMENT OR A NON-DISCLOSURE AGREEMENT. EXCEPT AS EXPRESSLY SET FORTH IN SUCH LICENSE AGREEMENT OR NON-DISCLOSURE AGREEMENT, NETIQ CORPORATION PROVIDES THIS DOCUMENT AND THE SOFTWARE DESCRIBED IN THIS DOCUMENT "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. SOME STATES DO NOT ALLOW DISCLAIMERS OF EXPRESS OR IMPLIED WARRANTIES IN CERTAIN TRANSACTIONS; THEREFORE, THIS STATEMENT MAY NOT APPLY TO YOU.

    For purposes of clarity, any module, adapter or other similar material ("Module") is licensed under the terms and conditions of the End User License Agreement for the applicable version of the NetIQ product or software to which it relates or interoperates with, and by accessing, copying or using a Module you agree to be bound by such terms. If you do not agree to the terms of the End User License Agreement you are not authorized to use, access or copy a Module and you must destroy all copies of the Module and contact NetIQ for further instructions.

    This document and the software described in this document may not be lent, sold, or given away without the prior written permission of NetIQ Corporation, except as otherwise permitted by law. Except as expressly set forth in such license agreement or non-disclosure agreement, no part of this document or the software described in this document may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, electronic, mechanical, or otherwise, without the prior written consent of NetIQ Corporation. Some companies, names, and data in this document are used for illustration purposes and may not represent real companies, individuals, or data.

    This document could include technical inaccuracies or typographical errors. Changes are periodically made to the information herein. These changes may be incorporated in new editions of this document. NetIQ Corporation may make improvements in or changes to the software described in this document at any time.

    U.S. Government Restricted Rights: If the software and documentation are being acquired by or on behalf of the U.S. Government or by a U.S. Government prime contractor or subcontractor (at any tier), in accordance with 48 C.F.R. 227.7202-4 (for Department of Defense (DOD) acquisitions) and 48 C.F.R. 2.101 and 12.212 (for non-DOD acquisitions), the government's rights in the software and documentation, including its rights to use, modify, reproduce, release, perform, display or disclose the software or documentation, will be subject in all respects to the commercial license rights and restrictions provided in the license agreement.

    © 2014 NetIQ Corporation and its affiliates. All Rights Reserved.

    For information about NetIQ trademarks, see http://www.netiq.com/company/legal/.

    Return to Top