Solaris
- Installing the Solaris takes only a few minutes.
- Download the appropriate file from the help.Argent.com under the Optional Monitoring Agents section.
The files for a Solaris system running on an Intel processor are different than those for one running on a SPARC processor. Make sure you download the right one.
- Transfer the file you downloaded to the Solaris system you want to monitor, using FTP, SSH, or another file transfer method. For this example, we’ve placed the downloaded file in the /tmp directory.
- On the Solaris machine, log on as “root” and create the /etc/argent directory:
mkdir /etc/argent
- Switch to the /tmp directory, where we placed the downloaded file, and move the file to /etc/argent.
mv ARGENT_GUARDIAN_SUNOS_8_0A_0707.TAR /etc/argent
- Change directories to /etc/argent.
cd /etc/argent
- Extract the contents of the tar file.
tar xfv ARGENT_GUARDIAN_SUNOS_8_0A_0707.TAR
- The /etc/argent directory now contains three more files:
- tagagent (the binary for the Secure Unix Agent)
- tagagent.conf (the configuration file for the Secure Unix Agent)
- tagshell (the Unix Shell Script Agent)
- Create log files for both the Secure Unix Agent and the Unix Shell Script Agent.
touch tagagent.log tagshell.log
-
Make both tagagent.log and tagshell.log world-writable.
(This is necessary if the Rules you’re running are executed by someone other than “root”.)
chmod 666 tagagent.log tagshell.log
- Change the ownership on the /etc/argent directory and its files:
chown -R root:staff /etc/argent
-
The Secure Unix Agent and the Unix Shell Script Agent run under inetd. Place the following lines in /etc/inetd.conf:
tagagent stream tcp nowait root /etc/argent/tagagent tagagent tagshell stream tcp nowait root /etc/argent/tagshell tagshell
- Next, place the following lines in /etc/services:
tagagent 3060/tcp # The Argent Secure Unix Agent tagshell 3061/tcp # The Argent Unix Shell Script Agent
- Restart inetd to enable the monitoring agents.
/usr/bin/pkill -HUP inetd
- You can verify that the agents are listening by using the following “netstat” command:
netstat -a | egrep ‘tagagent|tagshell’
- If desired, access to the monitoring agents can be restricted by using TCP wrappers.
NOTE:
If you’re using Solaris 10, the “inetconv” command must be run first to import the new lines from inetd.conf into the service configuration. Then restart inetd.