Manually updating PostgreSQL on Sentinel Log Manager

  • 7009614
  • 21-Oct-2011
  • 26-Apr-2012

Environment

Sentinel Log Manager 1.1.0.x

Situation

At times there are known security vulnerabilities that may exist in third party products that ship with Sentinel Log Manager thus necessitating an update for your Security Identity Event Management, (SIEM), system. This documents is intended to guide you through the update of PostgresSQL on your existing Sentinel Log Manager system from 8.3.8 to 8.3.12. While this has been officially tested for 1.1.0.2 and these specific versions of PostgreSQL, it should apply to future releases as well.

As always, its a good idea to test these steps in a lab environment before applying to your production system
.

Resolution

Existing Database: PostgreSQL 8.3.8

Upgrade to : PostgreSQL 8.3.12

Method : PostgreSQL install and configure from source

Table Of Contents:

  1. REFERENCE URLs

  2. PREREQUISITES

  3. STEPS TO INSTALL AND CONFIGURE POSTGRESQL FROM SOURCE

  4. Test Using pgadmin

  5. Test From Web UI

  6. Trouble Shooting

#1 REFERENCE URLs:
  • http://www.PostgreSQL.org/docs/8.3/static/installation.html

  • http://www.PostgreSQL.org/docs/8.3/static/install-getsource.html

  • http://www.thegeekstuff.com/2009/04/linux-postgresql-install-and-configure-from-source/

#2 PREREQUISITES:

Note: If required using YAST2 install the lib* and init* as directed in the process of installation.

Prerequisite 1: Download and Install the below Utilities:

  • zlib-devel-1.2.3-141.1.x86_64.rpm from http://rpmfind.net/linux/rpm2html/search.php?query=zlib-devel

  • libopenssl0_9_8-0.9.8m-4.14.x86_64.rpm from http://rpmfind.net/linux/rpm2html/search.php?query=libssl.so.0.9.8()(64bit)

  • openssl-otc-pol-devel-0.9.8a-1.1.x86_64.rpm from http://rpm.pbone.net/index.php3/stat/4/idpl/11748433/dir/opensuse/com/openssl-otc-pol-devel-0.9.8a-1.1.x86_64.rpm.html

OUTPUT:

rpm -ivh zlib-devel-1.2.3-141.1.x86_64.rpm

rpm -ivh libopenssl0_9_8-0.9.8m-4.14.x86_64.rpm --force

rpm -ivh openssl-otc-pol-devel-0.9.8a-1.1.x86_64.rpm --force --nodeps

sles11-64bit:/opt # rpm -ivh zlib-devel-1.2.3-141.1.x86_64.rpm

warning: zlib-devel-1.2.3-141.1.x86_64.rpm: Header V3 RSA/SHA256 signature: NOKEY, key ID 3dbdc284

Preparing... ########################################### [100%]

1:zlib-devel ########################################### [100%]

sles11-64bit:/opt # rpm -ivh libopenssl0_9_8-0.9.8m-4.14.x86_64.rpm --force

warning: libopenssl0_9_8-0.9.8m-4.14.x86_64.rpm: Header V3 RSA/SHA256 signature: NOKEY, key ID 3dbdc284

Preparing... ########################################### [100%]

1:libopenssl0_9_8 ########################################### [100%]

sles11-64bit:/opt # rpm -ivh openssl-otc-pol-devel-0.9.8a-1.1.x86_64.rpm --force --nodeps

warning: openssl-otc-pol-devel-0.9.8a-1.1.x86_64.rpm: Header V3 DSA signature: NOKEY, key ID 9b650b0e

Preparing... ########################################### [100%]

1:openssl-otc-pol-devel ########################################### [100%]


Prerequisite 2: Though it is a minor upgrade, it is better to take the backup of the postgresql database

  • Create a file so that we can dump the existing. for example:/postgres_dump.bkp (run as novell user, or give full permissions to the file)

  • navigate to postgres home bin directory. For ex: /opt/novell/sentinel_log_mgr/3rdparty/PostgreSQL/bin (run as novell user)

  • run : ./pg_dumpall --username=dbauser > /opt/dump/postgre1_1_dump/postgre_dump.bkp (run as novell user)

2 possible errors at this stage when using ./pg_dumpall

Error 1: any problem with the environment variables then run (run as novell user):

  • cd /opt/novell/sentinel_log_mgr/bin

  • . setenv.sh (run as novell user)

opt/novell/sentinel_log_mgr/3rdparty/PostgreSQL/bin # /opt/novell/sentinel_log_mgr/3rdparty/PostgreSQL/bin./pg_dumpall --username=dbauser > /opt/dump/postgre1_1_dump/postgre_dump.bkp

-bash: /opt/novell/sentinel_log_mgr/3rdparty/PostgreSQL/bin./pg_dumpall: No such file or directory

Error 2: ./pg_dumpall

error while loading shared libraries: libpq.so.5: cannot open shared object file: No such file or directory

for this error also you need to rung the setenv script

cd /opt/novell/sentinel_log_mgr/bin

. setenv.sh

OUTPUT:

novell@sles11-64bit:~> cd /opt/novell/sentinel_log_mgr/3rdparty/

novell@sles11-64bit:/opt/novell/sentinel_log_mgr/3rdparty> touch postgre_dump.bkp

novell@sles11-64bit:/opt/novell/sentinel_log_mgr/3rdparty> ll

total 0

drwx------ 8 novell novell 384 2010-07-05 18:09 activemq

-rw-r--r-- 1 novell novell 0 2010-11-08 20:14 postgre_dump.bkp

drwx------ 8 novell novell 192 2010-07-05 18:09 PostgreSQL

drwx------ 8 novell novell 304 2010-07-02 04:36 tomcat

novell@sles11-64bit:/opt/novell/sentinel_log_mgr/3rdparty/PostgreSQL/bin> cd /opt/novell/sentinel_log_mgr/bin

novell@sles11-64bit:/opt/novell/sentinel_log_mgr/bin> . setenv.sh

novell@sles11-64bit:/opt/novell/sentinel_log_mgr/bin> cd /opt/novell/sentinel_log_mgr/3rdparty/PostgreSQL/bin

novell@sles11-64bit:/opt/novell/sentinel_log_mgr/3rdparty/PostgreSQL/bin> ./pg_dumpall --username=dbauser > /opt/novell/sentinel_log_mgr/3rdparty/postgre_dump.bkp

-----------------------------

Prerequisite 3. Stop PostgreSQL database by stopping the SLM services server.sh stop

Just make sure that the DB is down. ps -ef | grep postgre

OUTPUT:

novell@sles11-64bit:/opt/novell/sentinel_log_mgr/3rdparty/PostgreSQL/bin> server.sh stop

novell@sles11-64bit:/opt/novell/sentinel_log_mgr/3rdparty/PostgreSQL/bin> ps -ef | grep postgre

novell 7205 6365 0 20:25 pts/1 00:00:00 grep postgre

----------------------

Prerequisite 4. Move the entire postgres directory to a different name and create a new directory with the same name

mv PostgreSQL PostgreSQL_old

mkdir PostgreSQL

OUTPUT:

novell@sles11-64bit:/opt/novell/sentinel_log_mgr/3rdparty> mv PostgreSQL PostgreSQL_old

novell@sles11-64bit:/opt/novell/sentinel_log_mgr/3rdparty> ll

total 1309

drwx------ 8 novell novell 384 2010-07-05 18:09 activemq

-rw-r--r-- 1 novell novell 1338148 2010-11-08 20:16 postgre_dump.bkp

drwx------ 8 novell novell 192 2010-07-05 18:09 PostgreSQL_old

drwx------ 8 novell novell 304 2010-07-02 04:36 tomcat

novell@sles11-64bit:/opt/novell/sentinel_log_mgr/3rdparty> mkdir PostgreSQL

novell@sles11-64bit:/opt/novell/sentinel_log_mgr/3rdparty> ll

total 1309

drwx------ 8 novell novell 384 2010-07-05 18:09 activemq

-rw-r--r-- 1 novell novell 1338148 2010-11-08 20:16 postgre_dump.bkp

drwx------ 2 novell novell 48 2010-11-08 20:28 PostgreSQL

drwx------ 8 novell novell 192 2010-07-05 18:09 PostgreSQL_old

drwx------ 8 novell novell 304 2010-07-02 04:36 tomcat

-------------------------

Prerequisite 5. OPTIONAL (can eliminate this step later):

find / -name libssl.so

find / -name libssl.so.0.9.8

find / -name libcrypto.so

cd /usr/lib

ll libssl*

find / -name libssl.so.0.9.8

ln -s /usr/lib/libssl.so.0.9.8 /usr/lib/libssl.so

ln -s /usr/lib64/libssl.so.0.9.8 /usr/lib64/libssl.so

find / -name libcrypto.so

find / -name libcrypto.so.0.9.8

ln -s /usr/lib/libcrypto.so.0.9.8 /usr/lib/libcrypto.so

ln -s /usr/lib64/libcrypto.so.0.9.8 /usr/lib64/libcrypto.so

ls -l /usr/lib64/libcrypto.so

---------------------------------

#3. STEPS TO INSTALL AND CONFIGURE POSTGRESQL FROM SOURCE:

  1. Download

psotgresql 8.3.12 "postgresql-8.3.12.tar.gz" OR “postgresql-8.3.12.tar.bz2” from

http://www.PostgreSQL.org/ftp/source/v8.3.12/, http://www.PostgreSQL.org/docs/8.3/static/release-8-3-12.html

  1. Extract the existing source file

gunzip postgresql-8.3.12.tar.gz

tar xf postgresql-8.3.12.tar

OR

tar xvfz postgresql-8.3.12.tar.gz

OR

bunzip2 postgresql-8.3.12.tar.bz2

tar xf postgresql-8.3.12.tar.gz

--------------------------------

bunzip2 postgresql-8.3.12.tar.bz2

sles11-64bit:/opt # ll

total 76915

drwxr-xr-x 7 root root 168 May 4 2010 kde3

-rw-r--r-- 1 root root 609990 Nov 8 14:33 libopenssl0_9_8-0.9.8m-4.14.x86_64.rpm

drwxr-xr-x 3 root root 80 Jul 5 18:08 novell

-rw-r--r-- 1 root root 994409 Nov 8 14:38 openssl-otc-pol-devel-0.9.8a-1.1.x86_64.rpm

drwxr-xr-x 2 oracle oinstall 48 May 4 2010 oracle

-rw-r--r-- 1 root root 77026304 Oct 7 10:59 postgresql-8.3.12.tar

-rw-r--r-- 1 root root 46499 Nov 8 14:27 zlib-devel-1.2.3-141.1.x86_64.rpm

sles11-64bit:/opt # tar xf postgresql-8.3.12.tar

--------------------------------

  1. ./configure

Syntax: ./configure --prefix=<postgres_home_dir> --exec-prefix=<postgres_home_dir> --without-readline --disable-rpath --with-openssl

/opt/PostgreSQL/postgresql-8.3.12> ./configure --prefix=/opt/novell/sentinel_log_mgr/3rdparty/PostgreSQL --exec-prefix=/opt/novell/sentinel_log_mgr/3rdparty/PostgreSQL --without-readline --disable-rpath --with-openssl

  1. gmake

  2. gmake install

  3. Change the owner and group of the PostgreSQL installed file to novell /opt/novell/sentinel_log_mgr/3rdparty # chown -R novell:novell PostgreSQL

  4. Check and start the services. Check the logs

OUTPUT:

novell@sles11-64bit:/var/opt/novell/sentinel_log_mgr/log> server.sh start

novell@sles11-64bit:/var/opt/novell/sentinel_log_mgr/3rdparty/PostgreSQL/data> vi PostgreSQL.conf

ssl=off --Check

novell@sles11-64bit:/var/opt/novell/sentinel_log_mgr/3rdparty/PostgreSQL/data> cd /opt/novell/sentinel_log_mgr/bin/

novell@sles11-64bit:/opt/novell/sentinel_log_mgr/bin> . setenv.sh

novell@sles11-64bit:/opt/novell/sentinel_log_mgr/bin> cd ../3rdparty/PostgreSQL/bin/

novell@sles11-64bit:/opt/novell/sentinel_log_mgr/3rdparty/PostgreSQL/bin> ./psql --version

psql (PostgreSQL) 8.3.12

#4. Test Using pgadmin

novell@sles11-64bit:/opt/novell/sentinel_log_mgr/bin> ./report_dev_setup.sh

Connect in pgadmin and check if we are pointing to the new database.

#5. Test From Web UI

Login to Sentinel Log manager web ui and see if all the features are working fine.

#6. Trouble Shooting:

TS1-----------------------------

novell@KiranSLES11SP1:/opt/novell/sentinel_log_mgr/3rdparty/PostgreSQL/postgresql-8.3.12> ./configure -prefix=/opt/novell/sentinel_log_mgr/3rdparty/PostgreSQL --exec-prefix=/opt/novell/sentinel_log_mgr/3rdparty/PostgreSQL --without-readline --disable-rpath --with-openssl

checking for library containing fdatasync... none required

checking for library containing shmget... none required

checking for inflate in -lz... no

configure: error: zlib library not found

If you have zlib already installed, see config.log for details on the

failure. It is possible the compiler isn't looking in the proper directory.

Use --without-zlib to disable zlib support.


Install: zlib-devel-1.2.3-141.1.x86_64.rpm, mentioned in prerequisites.

TS2------------------------------

checking for library containing getopt_long... none required

checking for library containing crypt... -lcrypt

checking for library containing fdatasync... none required

checking for library containing shmget... none required

checking for CRYPTO_new_ex_data in -lcrypto... no

configure: error: library 'crypto' is required for OpenSSL


Install: libopenssl0_9_8-0.9.8m-4.14.x86_64.rpm and openssl-otc-pol-devel-0.9.8a-1.1.x86_64.rpm as mentioned in the prerequisites.