增加ncoadmin组,将用户增加进这个组中[
root@localhost sharedfolder]# cp nco_pa.conf /opt/netcool/omnibus/etc
cp: overwrite `/opt/netcool/omnibus/etc/nco_pa.conf'? y
[root@localhost sharedfolder]#
[root@localhost sharedfolder]# cp /etc/pam.d/passwd /etc/pam.d/netcool
[root@localhost sharedfolder]# cd /etc/pam.d/
[root@localhost pam.d]# ls
atd gdm other run_init system-auth system-config-printer
authconfig gdm-autologin passwd runuser system-auth-ac system-config-rootpassword
authconfig-gtk gdmsetup pirut runuser-l system-cdinstall-helper system-config-securitylevel
authconfig-tui gnome-screensaver pm-hibernate sabayon system-config-authentication system-config-selinux
chfn gnome-system-log pm-powersave serviceconf system-config-date system-config-services
chsh gssftp pm-suspend setup system-config-display system-config-soundcard
config-util halt pm-suspend-hybrid smtp system-config-kdump system-config-time
cpufreq-selector kbdrate poweroff smtp.sendmail system-config-keyboard system-config-users
crond kshell ppp sshd system-config-language system-install-packages
cups login pup su system-config-lvm vmware-guestd
dateconfig neat reboot su-l system-config-netboot
eject netcool remote sudo system-config-network
ekshell newrole rhn_register sudo-i system-config-network-cmd
[root@localhost pam.d]# cat passwd
#%PAM-1.0
auth include system-auth
account include system-auth
password include system-auth
[root@localhost pam.d]# $OMNIHOME/bin/nco_install_ospam
Netcool/OMNIbus 7.1 ObjectServer PAM Installation
Ready to install and setup the PAM module.
What is the name of the authentication server? [NCOMS] NCO_PA
Do you wish to view the updates to be added to /etc/pam.d? (y/n)? [y]
#
# PAM Configuration for the Netcool/OMNIbus ObjectServer.
#
auth required /opt/netcool/omnibus/platform/linux2x86/module/pam/omnibus_os/libpam_omnibus_os.so.1
account required /opt/netcool/omnibus/platform/linux2x86/module/pam/omnibus_os/libpam_omnibus_os.so.1
password required /opt/netcool/omnibus/platform/linux2x86/module/pam/omnibus_os/libpam_omnibus_os.so.1
Do you wish to install these changes? (y/n)? [y]
Installation complete.
NOTE: You now need to enable the use of PAM by the ObjectServer itself by
setting or adding the property 'Sec.UsePam : TRUE' to the ObjectServers
properties file.
[root@localhost pam.d]#
[root@localhost install]# cd startup/
[root@localhost startup]# ls
linux2x86 linux2x86install
[root@localhost startup]# chmod 750 linux2x86install 修改权限
[root@localhost startup]# pwd
/opt/netcool/omnibus/install/startup
[root@localhost startup]# ./linux2x86install 执行
./linux2x86install: line 22: [: Server: integer expression expected
./linux2x86install: line 25: [: Server: integer expression expected
This script. copies a startup script. into the /etc/rc.d/init.d directory to enable
you to automatically start and stop Netcool/OMNIbus processes.
It does this by:
Copying linux2x86/etc/rc.d/init.d/nco to /etc/rc.d/init.d/nco
Linking /etc/rc.d/init.d/nco to /etc/rc.d/rc1.d/K65nco
Linking /etc/rc.d/nit.d/nco to /etc/rc.d/rc2.d/S81nco
Do you wish to continue (y/n)? [y] y
Name of the Process Agent Daemon [NCO_PA]:
Should NCO_PA run in secure mode (y/n)? [y]
Enter value for environment variable NETCOOL_LICENSE_FILE [27000@localhost]:
Scripts installed.
[root@localhost startup]#
[root@localhost etc]# pwd
/opt/netcool/omnibus/etc
[root@localhost etc]# ls -l *conf*
-rw-r--r-- 1 root root 1493 Oct 16 20:31 nco_config.props
-rw-r--r-- 1 root root 2572 Oct 16 20:31 nco_confpack.props
-rw-r--r-- 1 root root 1212 Oct 16 20:31 nco_pa.conf
[root@localhost etc]# vi nco_pa.conf
[root@localhost etc]# cd ..
[root@localhost omnibus]# ls
RELEASE_ID bin db desktop etc gates help install java log patches platform probes tsm upgrade utils var
[root@localhost omnibus]# cd bin
[root@localhost bin]# ls
hs_err_pid28300.log nco_config nco_g_crypt nco_install_ospam nco_pa_shutdown nco_proxyserv nco_store_resize
nco nco_confpack nco_g_objserv_bi nco_message nco_pa_start nco_removeuser nco_v3_admin
nco_adduser nco_crypt nco_g_objserv_uni nco_objserv nco_pa_status nco_run nco_xigen
nco_banner nco_dbinit nco_get_login_token nco_os_migrate nco_pa_stop nco_sql nco_xprops
nco_check_store nco_elct nco_help nco_pa_addentry nco_pad nco_sql_crypt start
nco_common nco_event nco_id nco_pa_crypt nco_ping nco_ssladmin sybinit.err
[root@localhost bin]# ./nco_pa_crypt tivoli
EIEHBLBCBGFB
[root@localhost bin]# cd ..
[root@localhost omnibus]# ls
RELEASE_ID bin db desktop etc gates help install java log patches platform probes tsm upgrade utils var
[root@localhost omnibus]# cd etc
[root@localhost etc]# ls -l *conf*
-rw-r--r-- 1 root root 1493 Oct 16 20:31 nco_config.props
-rw-r--r-- 1 root root 2572 Oct 16 20:31 nco_confpack.props
-rw-r--r-- 1 root root 1212 Oct 16 20:31 nco_pa.conf
[root@localhost etc]# vi nco_pa.conf
1.按格式修改,process按实际情况增加.2启动secure 密码用nco_pa_crypt 进行转换
我的环境列出如下:
[[root@localhost etc]#
#
# List of processes
#
nco_process 'MasterObjectServer'
{
Command '$OMNIHOME/bin/nco_objserv -name NCOMS -pa NCO_PA' run as 0
Host = 'localhost'
Managed = True
RestartMsg = '${NAME} running as ${EUID} has been restored on ${HOST}.'
AlertMsg = '${NAME} running as ${EUID} has died on ${HOST}.'
RetryCount = 0
ProcessType = PaPA_AWARE
}
nco_process 'A'
{
Command '$OMNIHOME/bin/nco_objserv -name HEJUN -pa NCO_PA' run as 0
Host = 'localhost'
Managed = True
RestartMsg = '${NAME} running as ${EUID} has been restored on ${HOST}.'
AlertMsg = '${NAME} running as ${EUID} has died on ${HOST}.'
RetryCount = 0
ProcessType = PaPA_AWARE
}
nco_process 'B'
{
Command '$OMNIHOME/bin/nco_g_objserv_uni -name UNI_GATE -pa NCO_PA' run as 0
Host = 'localhost'
Managed = True
RestartMsg = '${NAME} running as ${EUID} has been restored on ${HOST}.'
AlertMsg = '${NAME} running as ${EUID} has died on ${HOST}.'
RetryCount = 0
ProcessType = PaPA_AWARE
}
nco_process 'nco_p_syslog'
{
Command '$OMNIHOME/probes/nco_p_syslog -pa NCO_PA' run as 0
Host = 'localhost'
Managed = True
RestartMsg = '${NAME} running as ${EUID} has been restored on ${HOST}.'
AlertMsg = '${NAME} running as ${EUID} has died on ${HOST}.'
RetryCount = 0
ProcessType = PaPA_AWARE
}
#
# List of Services
#
nco_service 'Core'
{
ServiceType = Master
ServiceStart = Auto
process 'MasterObjectServer' NONE
}
nco_service 'A'
{
ServiceType = Master
ServiceStart = Auto
process 'A' NONE
}
nco_service 'B'
{
ServiceType = Master
ServiceStart = Auto
process 'B' NONE
}
nco_service 'syslog'
{
ServiceType = Master
ServiceStart = Auto
process 'nco_p_syslog' NONE
}
#
# This service should be used to store processs that you want to temporarily
# disable. Do not change the ServiceType or ServiceStart settings of this
# process.
#
nco_service 'InactiveProcesses'
{
ServiceType = Non-Master
ServiceStart = Non-Auto
}
#
# ROUTING TABLE
#
# 'user' - (optional) only required for secure mode PAD on target host
# 'user' must be member of UNIX group 'ncoadmin'
# 'password' - (optional) only required for secure mode PAD on target host
# use nco_pa_crypt to encrypt.
nco_routing
{
host 'localhost' 'NCO_PA' 'hejun' 'EIEHBLBCBGFB'
}
[root@localhost etc]#
[root@localhost etc]# cd ../bin
[root@localhost bin]# ./nco_xigen 添加NCO_PA ObjectServer
add user hejun and assign this handsome boy's name to group ncoadmin (^_^)
edit all the ObjectServer 's configuration(.porps) in $OMNIHOME/etc/ directory. for example
PA.Name: 'NCO_PA' # STRING (Name of process agent)
PA.Password: 'EIEHBLBCBGFB' # STRING (Password to use when connecting to the process agent)
PA.Username: 'hejun' # STRING (Username to use when connecting to the process agent)
# PAAware: 0 # INTEGER ()
# PaAwareName: '' # STRING ()
# Profile: FALSE # BOOLEAN (Enable profiling)
# ProfileStatsInterval: 120 # INTEGER (Profiler statistics report interval)
# Props.CheckNames: TRUE # BOOLEAN (Cause program to abort if any property is not understood at the time it is read)
# PropsFile: '$OMNIHOME/etc/NCOMS.props' # STRING (Path to gateways property file.)
# Region.ProtectAll: FALSE # BOOLEAN (Make all regions write-protected)
# RestrictionUpdateCheck: TRUE # BOOLEAN (Specifies whether or not users can update events that will not appear in their view
# RestrictProxySQL: FALSE # BOOLEAN (Restrict the set of SQL commands proxies can submit)
# Sec.AuditLevel: 'warn' # STRING (Security audit level)
# Sec.AuditLog: 'stdout:' # STRING (Security audit trail)
Sec.UsePam: TRUE # BOOLEAN (Use Pluggable Authentication Modules)
$OMNIHOME/bin/nco_pad -name NCO_PA -authenticate PAM -user hejun -password EIEHBLBCBGFB
[root@localhost bin]# ./nco_pa_status -server NCO_PA -user hejun -password tivoli
-------------------------------------------------------------------------------
Service Name Process Name Hostname User Status PID
-------------------------------------------------------------------------------
Core MasterObjectServer localhost root RUNNING 25583
A A localhost root RUNNING 25584
B B localhost root PENDING 0
syslog nco_p_syslog localhost root PENDING 0
-------------------------------------------------------------------------------
[root@localhost bin]#
PENDing的原因在于粗体字.去掉-pa NCO_PA 就行了.
来自 “ ITPUB博客 ” ,链接:http://blog.itpub.net/22775238/viewspace-617786/,如需转载,请注明出处,否则将追究法律责任。
转载于:http://blog.itpub.net/22775238/viewspace-617786/