This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SecurID® Governance & Lifecycle Knowledge Base

Find answers to your questions and identify resolutions for known issues with knowledge base articles written by SecurID Governance & Lifecycle experts.

Walk-through of Installation of SuSE 11 SP3 with RSA Via Lifecycle and Governance 7.0

Article Number

000032643

Applies To

RSA Product Set: RSA Via Lifecycle and Governance 7.0 (L&G)
RSA Version/Condition: 7.0
Platform: RSA Software Appliance
O/S Version: SuSE 11 SP3

Issue

Official RSA documentation gives a general overview of many of the steps below.  The instructions in this document are intentionally verbose.  Every selection and click during the OS installation and every command and file edited for the application install is included.

Resolution

Installing SuSE 11 SP3
To begin, boot from the SuSE 11 SP3 DVD and choose Installation.

  • Welcome screen
  1. Check the box next to I Agree to the License Terms.
  2. Click Next.
  • Media Check screen
  1. Do not make any selections or changes.
  2. Click Next.
  • Installation Mode screen
  1. New installation is selected by default. 
  2. Click Next.
  • Clock and Time Zone screen
  1. Select the appropriate region and time zone for the server. 
  2. Leave the hardware clock set to UTC selected.
  3. Click Next.
  • Server Base Scenario screen
  1. The option for Physical Machine is selected by default.
  2. Click Next.
  • Installation Settings screen
  1. Click the hyperlink for Partitioning.
  • Preparing Hard Disk screen
  1. The option Custom Partitioning (for experts) is selected by default. 
  2. Click Next.
  • Expert Partitioner screen
  1. Choose the option to create /boot partition.
  2. Under Available Storage on Linux is the device /dev/sda. 
    1. Right click on /dev/sda and choose Add Partition.
    2. To add a partition on the /dev/sda screen, leave Primary partition selected and click Next.
    3. To add a partition on the /dev/sda (screen 2), select Custom Size and type 2GB then click Next.
    4. To add a partition on /dev/sda (screen 3), Ext3 is the File System selected by default.  Do not change this value.
  3. Click the Mounting Options pull down and select /boot.
  4. Click Finish.
  • Expert Partitioner screen
  1. Create a swap partition. 
    1. Highlight and right click on /dev/sda and choose Add Partition again.
    2. To add a partition on /dev/sda screen:
    • Leave Primary partition selected.
    • Click Next.

       c. To add a partition on /dev/sda (screen 2):

  • Select Custom Size and type 16GB.
  • Click Next.

                 d. To add a partition on /dev/sda (screen 3):

  • Select Swap from File System pull down. 
  • The Mount Partition option will automatically change to Swap. 

         2. Click Finish.

  • Expert Partitioner screen (Create/Partition)
  1. Highlight and right click on /dev/sda.
  2. Choose Add Partition again.
    1. To add a partition on the /dev/sda screen.
    • Leave Primary partition selected.
    • Click Next.

       b. To add a partition on /dev/sda (screen 2):

  • Custom Size is selected by default with the remainder of the drive space.
  • Click Next.

                 c. To add a partition on /dev/sda (screen 3):

  • Ext3 is the File System selected and Mount Point / is select by default. 
  • Click Finish.
  • Expert Partitioner screen
  1. Click Accept.
  • Installation Settings screen
  1. Click the Software hyperlink.
  2. Right click on the print server and choose Do not install.  This will result in a grayed check-box.
  3. Enable the option under Development for C/C++ Compiler and Tools and click OK.
  4. Click Accept to the YaST2 agfa-fonts end user license agreement.
  • Installation Settings screen
  1. Click Install.
  2. Click Install again on the YaST2 confirm screen.
  3. It will prompt with a YaST2 reboot dialog after the installation is complete.  Either wait for the ten second countdown to auto reboot or click OK.
  4. After reboot first time boot OS configuration will run.
  • Password for the System Administrator "root" screen
  1. Choose and type a root password and confirm it. 
  2. The default used for our hardware appliances is Av3k5a
  3. When done, click Next.
  • Hostname and Domain Name screen
  1. Populate the software appliance's hostname in the Hostname field. 
  2. In the Domain Name field enter the suffix.  For example, emc.com.
  3. Uncheck the Change hostname via DHCP option.
  4. Click Next.
  • Network Configuration screen
  1. Click the Disable IPv6 hyperlink.
  2. Click OK to the YaST2 warning that states To apply this change, a reboot is needed.
  3. Click the Open hyperlink next to SSH port is blocked in the firewall section.
  4. Click on the Network Interfaces hyperlink.
  5. Highlight eth0 and click the Edit button.
  6. Choose No Link and IP Setup (Bonding Slaves).
  7. Click Next.
  8. Do the above step for each interface that is present.
  9. When done, click Add.
  • Hardware Dialog screen
  1. For the Device Type, select Bond.
  2. Click Next.
  • Network Card Setup screen
  1. Under the Address tab, select Statically Assigned IP Address.
  2. Populate the IP, subnet mask and hostname (using the fully qualified host.domain.com).
  3. Under the Bond Slaves tab, enable the check-box next to each ethX interface.
  4. Click Next.
  • Network Settings screen
  1. Click the Hostname/DNS tab.
  2. Enter the hostname and domain name (suffix).
  3. Enter the name servers (DNS servers).
  4. You can populate domain search, but it is not required.
  5. Click the Routing tab.
  6. Enter the default gateway information.
  7. Click OK.
  • Network Configuration screen
  1. Click Next.
  • Test Internet Connection screen
  1. Choose No, Skip this Test on the internet test.
  2. Click Next.
  • Network Services Configuration Screen
  1. Leave Use Following Configuration selected.
  2. Click Next.
  • User Authentication Method screen
  1. Leave Local (/etc/passwd) selected.
  2. Click Next.
  • New Local User screen
  1. Create a user account and set a password.  When creating an account do not use oracle or admin as the user name.
  2. When done, click Next.
  • Release Notes screen
  1. Click Next.
  • Hardware Configuration screen
  1. When this screen displays, it will flicker.  It will show a screen that is outside of Xwindows briefly.  Both of these behaviors are expected.
  2. After the hardware probe is finished identifying the configuration, leave the default option to Use Following Configuration selected.
  3. Click Next.
  • Installation Completed screen
  1. Un-check Clone This System for AutoYast.
  2. Click Finish.


Operating System configuration pre-application install steps

  1.  Login as root with the password that was defined above in the section on Password for the System Administrator "root" screen.  The default password is Av3k5a.
  2. Right click the desktop and open a terminal window.
  3. Edit the limits.conf with a text editor, for example:

vi /etc/security/limits.conf

                  4. Add these four entries just above the # End of file line at the bottom of the file: 

oracle soft nproc 2047
oracle hard nproc 16384
oracle soft nofile 65536
oracle hard nofile 65536

                  5. Edit the firewall: 

vi /etc/sysconfig/SuSEfirewall2​

                  6. Search for FW_SERVICES_EXT_TCP.

                  7. Add allowed incoming ports, for example:  

FW_SERVICES_EXT_TCP="21 22 1158 1555 8443 8444"
                  8. Now search for FW_REDIRECT.

                  9. Add forwarding rules for 443 and 444, for example: 

FW_REDIRECT="0/0,0/0,tcp,443,8443 0/0,0/0,tcp,444,8444"

                  10. Restart the firewall for settings to be applied: 

/etc/init.d/SuSEfirewall2_init restart
/etc/init.d/SuSEfirewall2_setup restart

                  11. Add the following Oracle required rpms from the SuSE DVD media.  Path will vary based on your DVD label
                       (NOTE:  The character after libcap is the number one (1)). 

cd /media/SLES-11-SP3-DVD-x86_6407031/suse/x86_64
rpm -ivh sysstat-8*x86_64.rpm
rpm -ivh nfs-kernel-server*x86_64.rpm
rpm -ivh libcap1-1*x86_64.rpm

                  12. Add the oracle user and group: 

groupadd -g 500 oinstall
useradd -u 500 -g 500 -d /home/oracle -s /bin/bash oracle

 

  1. The operating system configuration required for our application to be installed is complete.  Reboot the host prior to performing RSA Via L&G / IMG installation:

sync
reboot


RSA Via Lifecycle and Governance 7.0 Installation Steps

  • Stage the Installation
  1. Login or su to the user root.
  2. Make the directory structure to house the L&G installation files, as follows:

mkdir /tmp/Aveksa
mkdir /tmp/aveksa/packages
mkdir /tmp/aveksa/staging
  1. Transfer the following packages to /tmp/aveksa/packages:
  • aveksa-7.0.0.tar.bz2
  • cvupack_Linux_x86_64.zip
  • linuxamd64_12102_database_1of2.zip
  • linuxamd64_12102_database_2of2.zip
  • linuxamd64_12102_grid_1of2.zip
  • linuxamd64_12102_grid_2of2.zip
  • openjdk17_v001.tar.bz2
  • oracle_12.1.0.2_patches_v001.zip
  • wildfly-8.2.0.Final.tar
  1. As root, unpack the installer to /tmp/aveksa/staging :

cd /tmp/aveksa/staging
tar -jxvf ../packages/aveksa-7.0.0.tar.bz2
 
  •  Configure NTP
  1. Configure NTP on the server by running the following command:

cd /tmp/aveksa/staging/deploy/bin
./modifytimeserver.sh <timeserver hostname or IP>
  1. If you do not have a timeserver, or if it is temporarily unavailable, you can disable NTP using the following:

mv /etc/ntp.conf /etc/ntp.conf.disable
 
  • Install RSA Via Lifecycle and Governance 7.0  

If you executed the RSA Via L&G 7.0 uninstall.sh, the Aveksa_System.cfg was removed and needs to be unpacked from aveksa-7.0.0.tar.bz2 prior to running install.sh.

  1. As root, complete the following:

cd /tmp/aveksa/staging
./install.sh
  1. The next lines are executed only if the Aveksa_System.cfg is being reported as missing by the installer:

cd /tmp/aveksa/staging
tar -jxvf ../packages/aveksa-7.0.0.tar.bz2 deploy/Aveksa_System.cfg
NOTE:  This command might take a while to complete as it is searching through a heavily compressed archive looking for the single file.
  1. Type Yes to agree to the license terms and press Enter.
  2. Type Yes when asked Do you wish to install and press Enter.
  3. Press Enter to accept the default location for the installation files.  The default is /tmp/aveksa/staging.
  4. Press Enter to accept the default location for the package files as /tmp/aveksa/packages.
  5. Press Enter to accept the default of not using a remote database.
  6. Type Yes to confirm that the summary is correct and press Enter.
  7. Type Yes when prompted to run the kernel settings change script.
  8. Press Enter when prompted with Check the System Configuration.

The installation will perform an nslookup on your hostname.  If a nameserver was defined earlier and it is either unreachable or does not have an entry for your server you will receive the following error:

Oracle Installer Exit Code: 253

The /tmp/aveksa/oracle.log file will have the error:  

Check for integrity of file "/etc/resolv.conf" failed.

Notes

For ease of use, these instructions are duplicated in the document attached to this article.
Attachments
0 Likes
Was this article helpful? Yes No
No ratings

In this article

Version history
Last update:
‎2021-04-23 10:12 AM
Updated by:
Administrator Administrator

Related Content

© 2023 RSA Security LLC or its affiliates. All rights reserved.