Installation with grsecurity
This document explains how to install 360 Monitoring with grsecurity.
If the server’s kernel is compiled with grsecurity, special permission is needed to monitor some metrics in the /proc path.
Check for grsecurity
To check if grsecurity is enabled, run the sysctl -a | grep grsecurity command:
kernel.grsecurity.audit_ptrace = 1
kernel.grsecurity.consistent_setxid = 1
kernel.grsecurity.deny_new_usb = 0
kernel.grsecurity.dmesg = 1
kernel.grsecurity.forkfail_logging = 1
kernel.grsecurity.grsec_lock = 0
kernel.grsecurity.harden_ptrace = 1
kernel.grsecurity.ptrace_readexec = 1
kernel.grsecurity.signal_logging = 1
kernel.grsecurity.timechange_logging = 1
If nothing appears, grsecurity is not enabled.
Grant access
To grant 360 Monitoring access to the /proc directory, run the following commands.
- First, run the
id agent360command to check what groupID (gid) 360 Monitoring uses. - Then, open the grub configuration file at
/etc/default/grub - Edit the line with
GRUB_CMDLINE_LINUX_DEFAULTand addgrsec_proc_gid=XXXat the end before the double quote (“). For example, if yourgroupidis123, change the line from:
GRUB_CMDLINE_LINUX_DEFAULT="noquiet nosplash net.ifnames=0 biosdevname=0"
to:
GRUB_CMDLINE_LINUX_DEFAULT="noquiet nosplash net.ifnames=0 biosdevname=0 grsec_proc_gid=123"
Don’t forget to include a space between the values.
4. Finally, run the update-grub and reboot commands to restart your system.
Updated over 2 years ago