Tag Archives: Audit Vault Agent

Error installing Audit Vault Agent 12.1.1 on AIX

The Problem

During the setup of the current audit vault agent 12.1.1 on AIX, I’ve run into issues. Depending on the configuration of the AIX environment, the agent can not be installed at all.

avagent@host:/u00/app/avagent/ [avagent] java -jar agent.jar -d /u00/app/avagent/product/avagent
/u00/app/avagent/product/avagent/bin/agentctl[56]: LOGNAME: is read only
Error while executing command: [sh, /u00/app/avagent/product/avagent/bin/agentctl, fixperms]
avagent@host:/u00/app/avagent/ [avagent] 

The problem is in the for loop on line 56 of agentctl where it tries to unset environment variables. Specifically, the environment variable LOGNAME can not be reset. On our AIX LOGNAME has been defined as read only in /etc/profile.

# Unset all env vars
#
for var in <code>{{EJS0}}</code>; do
  $ECHO $var | $EGREP "$passthru" > /dev/null

  # If no match, i.e. not a passthru then unset
  if [ $? -eq 1 ]; then
    unset $var
  fi
done

The Solutions

Change OS default profile

One solution would be to change the default profile on the OS. For this just open /etc/profile and comment out line 37. But I assume for most of us it is not an option to change the default profile.

# System wide profile.  All variables set here may be overridden by
# a user's personal .profile file in their $HOME directory.  However,
# all commands here will be executed at login regardless.

trap "" 1 2 3 
#readonly LOGNAME

Change the audit agent

The alternate solution is to update the agent.jar and fix agentctl. Get the current agent.jar from the audit vault server and extract the agentclt script.

jar -xf agent.jar bin/agentctl

Update the agentctl and add LOGNAME the the list of pass through variable on line 46.

# Passthrough env vars
# Note: we passthru any vars with "-" invalid character
#
passthru='^TZ$|^LANG$|^LC_|^JAVA_HOME$|^PATH$|^PS1$|^LOGNAME$|-'

Put the updated agentctl script back to the agent.jar and run a regular installation.

jar -uf agent.jar bin/agentctl

The Bugfix

The problem was reported to Oracle and can be tracked using the bug number 17058352.

By the way if you’re using multiline shell prompts agentctl will fail on the same code on any OS. Here you may simple workaround by setting a single line prompt.