r1soft and ASL

[getsolidstate]

Hi guys,
I'm trying to install R1soft CDP but it seems we are having some issues.
Are there any known problems between the two?
Could it be that R1soft does not like the ASL kernels? If so, how can we go about this?

[breun]

Helping might be easier if you explain what 'some issues' are exactly.

One thing I can think of: I think R1soft wants to install a custom kernel module. By default ASL does not allow loading kernel modules at runtime (see ALLOW_kmod_loading in the ASL configuration), so you might need to build the kernel module en and reboot the server so it gets loaded at boot time or allow loading kernel modules at runtime, but that means disabling one of the security features of ASL.

See the ASL FAQ here.

[getsolidstate]

yes R1soft does install a custom kernel module.
unfortunately, i'm not sure how to load it according to the FAQ.
would be nice if someone can walk me through this.
i don't even know where r1soft kernel module is.

[Imaging]

Which version of the agent is in use?

We've gotten the CDP2 and CDP4 agents to work with the ASL kernel so may be able to provide some pointers (assuming you are trying to install the agent of course and not the CDP server).

[getsolidstate]

yes, it's for installing the agent:
r1soft-cdp-enterprise-agent-4.2.1-17820
r1soft-setup-4.2.1-17820
r1soft-cdp-agent-4.2.1-17820
r1soft-cdp-async-agent-2-6-4.2.1-17820

and the cdp server is the CDP v3.

imaging, how did you get yours to work, as i thought ASL disables kernel module loading?

[BruceLee]

are you sure you want the enterprise and standard agent installled at the same time?
so which version do you want to install? advanced version?

short description:
update to at least gradm package (2.9.1-12)
disable kernel module protection in asl
https://www.atomicorp.com/wiki/index.ph ... s_with_ASL
install r1soft. install the asl kernel headers and devel packages and follow the build process of r1soft.
Some links:
http://wiki.r1soft.com/display/CDP3/Lin ... om+Kernels
http://wiki.r1soft.com/display/CDP3/Bui ... nel+Module

check that its loaded before 99 in your rc level
reboot.check that its working
you should also re-enable asl kernel module protection again.
reboot.

[breun]

Loading the module at runtime will fail, but I guess it should load after a reboot? That way you wouldn't need to disable the protection temporarily (and reboot twice).

[BruceLee]

hmm...thats the way I got it working in a test env. But I might be wrong and did more than I needed.

[Imaging]

Bruce:

That's the same procedure we followed but we didn't disable the protection. We made sure it loads before 99 in rc (used 98) so it would load before ASL locks the kernel. It loaded fine after a reboot without us having to disable/enable the protection.

[mikeshinn]

Thats most secure option. If you set it to load before 99, and just reboot you're good to go.

[BruceLee]

thanks for the updates. good to know that there is a better and more secure way than the one I did.

[BruceLee]

one question came in my mind...
wouldnt ASL stop the kernel module creation/building?
I think I disabled it for that reason.

[breun]

ASL won't stop compilers from working.

[mikeshinn]

wouldnt ASL stop the kernel module creation/building?

No, as Breun said, ASL doesnt prevent compilers from running.

[CRServers]

I had the same problems with the Idera agent over the ASL kernel.
I happen to find the solution here:
http://vrblog.eu/encountered-issues/run ... ernel.html
I hope it helps others.
Regards,