VigilEntAgent will not start from uvservd, but does start manually at the OS command prompt (NETIQKB70561)

  • Document ID:7770561
  • Creation Date:02-Aug-2007
  • Modified Date:03-Nov-2011
    • Micro Focus Products:
      Secure Configuration Manager

Environment

This hotfix requires NetIQ Security Agent for UNIX 5.6.

Situation

Unix checks do not complete for some agent systems only, not all though, and the report displays "...can't connect to common agent".
This has been seen thus far to happen only on systems running RedHat AS/ES 4.0.

Resolution

(Contents of the hotfix ReadMe file which is also zipped up inside the info in the patch file}

NetIQ Secure Configuration Manager

NetIQ Security Agent for UNIX 5.6.0 Hotfix 70561

Hotfix 70561 corrects an issue where the common agent does not start correctly on computers running Red Hat Enterprise Linux 4.

Hotfix 70561 modifies the startca file in the [INSTALL-DIR]/vsaunix/[OS-TYPE]/vsau/bin/ directory on the agent computer.

To install this hotfix on UNIX agent computers:

1. Start the UNIX Manager console.
2. Click Manage Agents.
3. Click Hosts > Scan All Hosts to verify all agents are active and registered.
4. Click Hosts > Patch Mgr.
5. Click Load.
6. Select the p56p10.zip file and click Open.
7. Select the hosts to which you want to apply this hotfix.
8. Select 5.6.10 as the patch to apply.
9. Click Apply to update the selected hosts.
10. Close and restart UNIX Manager.

For more information about NetIQ Security Agent for UNIX and this hotfix, contact NetIQ Technical Support at www.netiq.com/support.

Cause

  • In some situations the startca script can be seen hung from an extended period when running a ps command on the system and might need stopped with kill -9.
  • In other situations the startca script and VigilEntAgent process will attempt to run, but in a few minutes timeout and shutdown.

Additional Information

Formerly known as NETIQKB70561

The primary fix is to apply hotfix70561, but a secondary workaround is to manually start VigilEntAgent from the OS command line as follows:

  • Log in to the OS then su to root
  • Change to the PSHOME/vsaunix/{OS}/vsau/bin directory.  PSHOME is the base file system where the agent is installed and if not known, its value can be found by looking inside  /etc/vsaunix.cfg at the   PSHOME=   line.   {OS} is the Unix OS on the system which can also be found by running the 'uname -s' command.
  • Execute:   ./startca    (This brings up VigilEntAgent)

This can happen with checks run that were created in the custom checker and all non-Legacy checks.  The non-Legacy and custom checks are identified with a 'Yes' in the 'Export' column of the check list.  The non-Legacy checks are run from the VigilEntAgent process and legacy checks are run from uvservd.