To run the UNIX agents with non-root privileges:
- Make the following executable by the user (or group or other), if necessary:
/opt/logrhythm/scsm/bin/scsm(the start/stop script)
/opt/logrhythm/scsm/bin/scsmd(the Agent daemon)
- Make the following directories writeable by the user (or group or other):
/opt/logrhythm/scsm/bin(for Agent pid files: .scsmd.pid and .scsmwatch.pid)
/opt/logrhythm/scsm/logs(for log files)
/opt/logrhythm/scsm/state(recursive, for state files)
/opt/logrhythm/scsm/config(for INI file writes and agentguid.cfg writes)
Add the following to the PATH environment variable (in user's shell or in the scsm script):
Solaris: /sbin and /usr/sbin
You need to do the same for the start/stop scripts that get called when the host is booted up and shut down (for example, /etc/init.d/scsm, /etc/init.d/rc3.d/S99scsm, /etc/init.d/rc0.d/K99scsm).
If you want to run the syslog server as non-root, the port must be changed from the default (514 UDP/TCP) to one that is greater than 1024. Ports lower than 1024 are reserved, and only root can access them. If the Agent is run as non-root and the port is less than 1024, warn in scsm.log and syslog that the syslog server will not run unless the port is greater than 1024.Some devices that send syslog may not have a configurable port. If they do not allow the destination port to be configured, then this solution will not work without some other configuration changes.