Environment
Novell Access Manager 3.1 Linux Access Gateway
Novell Access Manager 3.0 Linux Access Gateway
Novell Access Manager 3.0 Linux Access Gateway
Situation
The Linux Access Gateway (LAG) is a component of Novell Access Manager that sits in the DMZ in most environments. As a result, the LAG appliance is publically accessible and needs to be hardened in terms of security. A key part of this hardening process is making sure that all known SLES9 (LAG appliance is based on this) security updates are applied to the system. In order to implement this, the following list of steps must be executed to install the Security Patches:
1. Log in to the LAG console as root.
2. Enter the following command to launch YaST:
you
3. Under software, select the Online Update option. In the 'Update Configuration' section, select Novell Accounts Only, then tab to Next and press Enter.
4. When you are prompted to log in, specify the credentials of your registered Novell user account.
Enable the Keep Authentication Data check box, then tab to Login and press Enter.
5. Select Filter > Security.
6. Select the security patches you want to install, then press Enter. Make sure that the selected security patches display the + sign. There will be options to install other packages that are not on the LAG machine. If you select such an option, you will be given the following warning:
"Installing this patch will have no effect, │because it does not contain any updates for installed packages"
You do not need to install any security updates for packages that are not on the system.
7. Click OK to proceed with the installation, after you have selected all the security patches.
8. If a Security update for Linux kernel warning message is displayed, then select Install Patch to proceed.
9. If a Security update for subdomain-parser warning message is displayed, then Select Install Patch to proceed.
10. Click OK to finish the installation process.
11. Restart the Linux Appliance for the Linux kernel update to take effect.
12. Enter the following to check the logs:
tailf /var/log/YaST2/y2log
1. Log in to the LAG console as root.
2. Enter the following command to launch YaST:
you
3. Under software, select the Online Update option. In the 'Update Configuration' section, select Novell Accounts Only, then tab to Next and press Enter.
4. When you are prompted to log in, specify the credentials of your registered Novell user account.
Enable the Keep Authentication Data check box, then tab to Login and press Enter.
5. Select Filter > Security.
6. Select the security patches you want to install, then press Enter. Make sure that the selected security patches display the + sign. There will be options to install other packages that are not on the LAG machine. If you select such an option, you will be given the following warning:
"Installing this patch will have no effect, │because it does not contain any updates for installed packages"
You do not need to install any security updates for packages that are not on the system.
7. Click OK to proceed with the installation, after you have selected all the security patches.
8. If a Security update for Linux kernel warning message is displayed, then select Install Patch to proceed.
9. If a Security update for subdomain-parser warning message is displayed, then Select Install Patch to proceed.
10. Click OK to finish the installation process.
11. Restart the Linux Appliance for the Linux kernel update to take effect.
12. Enter the following to check the logs:
tailf /var/log/YaST2/y2log