Skip to main content
Skip table of contents

Prepare the environment for installation on Linux

Before installing the DCA and Cloud Connector agent on Linux distributions, prepare the environment.

Instructions

Preparation 1: edit the sysctl.conf file

  1. Open the terminal

  2. Run the command below in the terminal to open the editor:

BASH 
sudo nano /etc/sysctl.conf

  1. At the end of the file, add the following two lines to allow the agent processes to monitor a much larger number of files simultaneously:

fs.inotify.max_user_instances=8192
fs.inotify.max_user_watches=524288

  1. Press CTRL + X to save the edits to the file and close it

  2. Run the command below in the terminal to apply the adjustment made to the file:

BASH 
sudo sysctl -p

Preparation 2: change SELinux to permissive or disabled mode

This step-by-step should only be carried out if SELinux is installed and in Enforcing mode.

Step 1: check that SELinux is installed

  1. Open the terminal

  2. Run the command below in the terminal:

BASH 
sudo getenforce

If SELinux is installed, the command will return the current status of SELinux, which can be:

Enforcing or
Permissive or
Disabled

If SELinux is not installed, the command will return a message indicating that the command was not found, such as:

sudo: getenforce: command not found

Next steps:

  • If SELinux is in Permissive or Disabled mode, or is not installed, it is not necessary to go on to Steps 2 and 3.

  • If SELinux is in Enforcing mode, go to Steps 2 and 3.

Step 2: change SELinux mode

Before changing the SELinux mode, we recommend consulting the administrator responsible for the system.

  1. Run the command below in the terminal to open the editor:

BASH 
sudo nano /etc/selinux/config

  1. Locate the line that sets the SELinux mode:

SELINUX=enforcing

  1. Change the value to permissive or disabled:

SELINUX=permissive or
SELINUX=disabled

  1. Press CTRL + X to save the edits to the file and close it

  2. Run the command below in the terminal to reboot the system:

BASH 
sudo shutdown -r now

Step 3: check if the mode has been changed

  1. Open the terminal

  2. Run the command below in the terminal:

BASH 
sudo getenforce

The command should return:

Permissive or
Disabled

However, if the SELinux status is still Enforcing, there may be a setting that forces SELinux into this mode. Consult your operating system's documentation to identify and change the settings that are forcing the mode, and repeat Steps 2 and 3.

Preparation 3: transfer the gateway certificate

This step-by-step should only be carried out if the gateway is used as the type of communication between the agent and the portal.

To use the Gateway Connector as the communication method for the DCA and Cloud Connector agent on Linux, you need to transfer the gateway certificate from Windows to Linux.

Step 1: install the Gateway Connector on Windows

  1. Install the Gateway Connector on Windows

Step 2: export the certificate on Windows

  1. Access Windows where the Gateway Connector is installed

  2. In Windows search, find and open the Manage user certificates or Manage computer certificates folder

  3. In the left bar, click on Trusted Root Certification Authorities and then on Certificates

  4. In the list of certificates, locate and open the NDD Root Certificate Authority certificate

  5. On the certificate screen, go to the Details tab

  6. Click the Copy to File... button

  7. On the certificate export wizard screen, click the Next button

  8. Select the Base-64 encoded X.509 (.CER) and click the Next button

  9. Click the Browse... button to select the file's destination folder and enter its name, then click the Next button

  10. Click the Finish button

  11. Locate the file on Windows and transfer it to Linux where the agent will be installed

Step 3: import the certificate on Linux

The commands below refer to the Ubuntu distribution. For other distributions, replace the commands.

  1. On Linux, open the terminal

  2. Run the command below in the terminal:

BASH 
sudo openssl x509 -in FILE_CRT -out /usr/local/share/ca-certificates/nddgateway.crt

Replace FILE_CRT with the full path of the file to be imported. Example:

BASH 
sudo openssl x509 -in /home/username/Desktop/certificate.cer -out /usr/local/share/ca-certificates/nddgateway.crt

  1. Run the command below in the terminal:

BASH 
sudo update-ca-certificates

The certificate will be imported into Linux in the destination folder /usr/local/share/ca-certificates/, with the name nddgateway.crt.

{{component-feedback-article}}

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close