Linux-UNIX: Installing the S-TAP agent with RPM
You can install and update S-TAP on a Linux server using the RPM. The advantage of installing by RPM is that you install and maintain S-TAP using the same method that you manage all other software on the database server.
Before you begin
- Verify all Linux-UNIX: S-TAP installation prerequisites.
- Obtain the correct S-TAP installer script, from either Fix Central, or your Guardium representative. The script name identifies the database server operating system.
- The S-TAP shell installer does not install if there is already an RPM installed (preventing double installation).
- RPM is supported for RHEL and for SUSE Linux databases.
About this task
RPM names have the format: guard-stap-10.6.0.0.89165-1-rhel-6-linux-x86_64.x86_64.rpm
, where the first three numbers are the
release number of STAP (10.0.0, 10.1.2, etc) and the fourth number is the code revision (89165). The
number immediately following is the package iteration which would increment in the case of adding
K-TAP
modules to the RPM.
There is a single RPM for the 32-bit S-TAPs and two RPMs for the 64-bit S-TAPs so that the 64-bit S-TAP does not have a dependency on 32-bit libraries if 32-bit exit libraries are not required. The extra RPM looks like guard-stap-32bit-exit-libs-10.1.0.89165-1-rhel-6-linux-x86_64.x86_64.rpm and has a dependency on the main RPM.
By default, the installation process checks the Linux kernel to determine whether a K-TAP module has been created to work with that kernel. If it exists, it installs (sets ktap_installed = 1). If there is none, K-TAP does not install unless you have enabled Loader Flexibility, which aids in the installation of currently built modules when an exact match does not exist. When Loader Flexibility is enabled, it attempts to build a K-TAP to match your Linux kernel.
RPM installs S-TAP to /opt/guardium; this location cannot be changed. tap_ip is set automatically to the hostname of the system. sqlguard_ip is set to 127.0.0.1 as a placeholder for proper configuration. Complete the configuration after the installation, as described in this procedure.
RPM logs are saved to /opt/guardium/rpm_logs
You can run the guard-config-update script as root user or a non-root user. Use the help command to see your permitted functions.
Procedure
What to do next
- Verify that the row of the S-TAP has a green status (first column) in