Configuring the installation parameters for the NSH or the RSCD agent

You can configure the installation parameters for the Network Shell or RSCD agent. When you run the Oracle Solaris SVR4 package or RPM Package Manager (RPM) installers, these customized parameter values are used. Configure the installation parameters in the following scenarios:

• You want to override the default values that are used during installation.
• You want to use the Smart Agent feature.

To configure the installation parameters

Do the following:

1. Create a text file named nsh-install-defaults in the /tmp directory. Only root users must own this file. In the file, add an entry for each parameter that you want to set and create another entry to export it. For example:
   NSH_INSTALL_SKEL=1
   export NSH_INSTALL_SKEL

   Warning

   Note

   The nsh-install-defaults file can include the same agent settings as for silent installation of the agent. However, do not include settings for INSTALL_DIR and NSH_DIR.

   The following table describes how to set each possible parameter:

   Parameter	Description
   SHARE_NSH	Set this parameter value to 1 to enable the use of the nsh command to start NSH from any command line. This setting puts a link to a Network Shell start script in the /bin directory.
   IS_SECURE_AGENT_LOGS	Set this parameter value to 1 to enable secure agent logging. When secure agent logging is enabled, agent logs are periodically rolled and digitally signed as they are rolled.
   IS_KEYSTROKE_LOGS	Set this parameter value to 1 to enable keystroke (nexec) logging on an agent. When keystroke logging is enabled on an agent, remote commands run against the agent using nexec are captured and logged in an encrypted manner in keystroke logs. These logs are also periodically rolled and digitally signed as they are rolled.
   INSTALL_BLPRNG	Set this parameter value to 1 to install the BladeLogic Pseudo Random Number Generator Daemon (PRNGD). TrueSight Server Automation uses random data to encrypt communication securely. Most systems already have a random number generator device; you might not need this setting. However, if a server on which you are performing a silent installation does not include a hardware device for generating random numbers, the installation program installs the PRNGD.
   NSH_ROOT_HOST	Set this parameter value to identify a client on which users are granted root privileges for this server. This option sets the root= flag in the exports configuration file. By default, no clients are specified.
   NSH_USER_FROM NSH_USER_TO	Set these values to configure a default user mapping in the users.local file. By default, no users are mapped. The values set with this parameter create an entry in the users.local file that says: NSH_USER_FROM rw,map=NSH_USER_TO For example, by defining values for these parameters, you could create an entry in users.local similar to the following example: betty rw,map=root For information about the users.local file, see Configuring-the-users-or-users-local-files.
   NSH_INSTALL_SKEL	By default, a silent installation does not include the .nsh/etc/skel files. Set this parameter to 1 to install those files.
   TMP_DIR	(For the RSCD agent) Specifies a location where the installer should uncompress the sysinfo installation file before the file copy.
   AUTOSTART_AGENT	Set this parameter to 1 to restart the RSCD agent automatically when the system is rebooted. (This setting creates agent start-up files in /etc.)
   New in 20.02EXPORTSFILETEXT	Set this parameter to modify the exports file content. For example, to allow user access only from appserver1 and appserver2 hosts, use this value: "appserver1,appserver2 rw" For more information about configuring the Exports file, see Configuring-the-exports-file.

   Parameter	Description
   SHARE_NSH	Set this parameter value to 1 to enable the use of the nsh command to start NSH from any command line. This setting puts a link to a Network Shell start script in the /bin directory.
   IS_SECURE_AGENT_LOGS	Set this parameter value to 1 to enable secure agent logging. When secure agent logging is enabled, agent logs are periodically rolled and digitally signed as they are rolled.
   IS_KEYSTROKE_LOGS	Set this parameter value to 1 to enable keystroke (nexec) logging on an agent. When keystroke logging is enabled on an agent, remote commands run against the agent using nexec are captured and logged in an encrypted manner in keystroke logs. These logs are also periodically rolled and digitally signed as they are rolled.
   INSTALL_BLPRNG	Set this parameter value to 1 to install the BladeLogic Pseudo Random Number Generator Daemon (PRNGD). TrueSight Server Automation uses random data to encrypt communication securely. Most systems already have a random number generator device; you might not need this setting. However, if a server on which you are performing a silent installation does not include a hardware device for generating random numbers, the installation program installs the PRNGD.
   NSH_ROOT_HOST	Set this parameter value to identify a client on which users are granted root privileges for this server. This option sets the root= flag in the exports configuration file. By default, no clients are specified.
   NSH_USER_FROM NSH_USER_TO	Set these values to configure a default user mapping in the users.local file. By default, no users are mapped. The values set with this parameter create an entry in the users.local file that says: NSH_USER_FROM rw,map=NSH_USER_TO For example, by defining values for these parameters, you could create an entry in users.local similar to the following example: betty rw,map=root For information about the users.local file, see Configuring-the-users-or-users-local-files.
   NSH_INSTALL_SKEL	By default, a silent installation does not include the .nsh/etc/skel files. Set this parameter to 1 to install those files.
   TMP_DIR	(For the RSCD agent) Specifies a location where the installer should uncompress the sysinfo installation file before the file copy.
   AUTOSTART_AGENT	Set this parameter to 1 to restart the RSCD agent automatically when the system is rebooted. (This setting creates agent start-up files in /etc.)
   New in 20.02EXPORTSFILETEXT	Set this parameter to modify the exports file content. For example, to allow user access only from appserver1 and appserver2 hosts, use this value: "appserver1,appserver2 rw" For more information about configuring the Exports file, see Configuring-the-exports-file.

   New in 20.02

   Configure the following properties to use the Smart Agent capabilities.

   Property	Description
   SMARTHUB_HOSTNAME	Specify the host name of the system where the Smart Hub is installed. For example, "smarthubprod1.bmc.com"
   SMARTHUB_PORT	Specify the listener port of the Smart Hub. The default port is 443.
   ENROLL_INTERVAL_MIN	Specify the interval for enrolling the agent. The default interval is 15 minutes. The interval range can be 1 - 360 minutes.
   ENROLL_AS	Shows the predefined identifier that is used for enrolling the server. Specify one of the following identifiers to be used for the enrollment: "<HOSTNAME>": Indicates the server host name. This is the default identifier. "<SMARTHUB_PEER_IP>": Indicates the IP address of the server. "<SMARTHUB_PEER_FQDN>": Indicates the fully qualified domain name of the Smart Hub IP address. NEW IN 20.02.01 <UUID>: Indicates the UUID value that is generated for the server. Note: Use this identifier for enrolling servers in the public cloud, such as AWS. Also, you can specify a combination of "<HOSTNAME>.domain" or free text, such as "smartagent.domain." NEW IN 20.02.01 Conversion operators You can use the following conversion operators with any of the predefined identifiers to change their casing: <UPPER>: Changes to upper case characters. <LOWER>: Changes to lower case characters. You can also use any free text along with the identifiers. Examples: Identifier Sample enrolled value <HOST_NAME> oracle_prod2 <SMARTHUB_PEER_FQDN> oracle_prod2.bmc.com <HOSTNAME><UPPER> ORACLE_PROD2 <HOSTNAME>.dev.bmc.com<UPPER> ORACLE_PROD2.DEV.BMC.COM <UPPER><SMARTHUB_PEER_FQDN> ORACLE_PROD2.BMC.COM RHEL-db-prod1.prod.bmc.com<UPPER> RHEL-DB-PROD1.PROD.BMC.COM <LOWER>RHEL-db-prod1.prod.bmc.com rhel-db-prod1.prod.bmc.com <UPPER> Error msg : Unable to set enroll_as value from : <UPPER> <UPPER><HOSTNAME><LOWER> ORACLE_PROD2 Note: If both the operators are provided, <UPPER> will have precedence over <LOWER>.
   HEARTBEAT_INTERVAL_MIN	Specify the interval at which the Smart Agent sends heartbeats to the Smart Hub for status updates. The default interval is five minutes. The interval range can be 1 - 360 minutes.
   SMARTAGENT_SERVICE	Indicates whether the Smart Agent service is enabled. When the service is enabled, the Smart Agent is started automatically after installation. For new installation, the default value is set to 1, which indicates that the Smart Agent service is enabled. For upgrade, the default value is set to 0, which indicates that the Smart Agent service is disabled. The Agent is not started automatically after the upgrade. To change the default settings, you can change the property value as required.
   ACCESS_KEY	Specify the access key that is generated after registering the Smart Hub in the Application Server. For more information, see Configuring-the-Smart-Hub-and-Smart-Hub-Gateway.
   SERVER_PROP_STR DEPRECATED IN 21.02	Comma-separated list of server properties of type String. This property is deprecated in version 21.02. Use the SERVER_PROP_LIST property instead. Note: For 21.02.01 and earlier versions, enter the property names and their value in upper case characters only.
   SERVER_PROP_INT DEPRECATED IN 21.02	Comma-separated list of server properties of type Integer. This property is deprecated in version 21.02. Use the SERVER_PROP_LIST property instead. Note: For 21.02.01 and earlier versions, enter the property names and their values in upper case characters only.
   SERVER_PROP_BOOL DEPRECATED IN 21.02	Comma-separated list of server properties of type Boolean. This property is deprecated in version 21.02. Use the SERVER_PROP_LIST property instead. Note: For 21.02.01 and earlier versions, enter the property names and their values in upper case characters only.
   SERVER_PROP_LIST NEW IN 21.02	The list of server properties that you want to configure. For 21.02.01 and earlier versions, enter the property names and their values in upper case characters only. Note: The SERVER_PROP_LIST parameter supports custom server properties in addition to predefined ones. By including them in the  SERVER_PROP_LIST  variable, you can define and assign custom properties during agent installation. These properties will be registered with the agent and can be used for automation, reporting, and policy enforcement. For example: SERVER_PROP_LIST="CUSTOM:Location=DC1,CUSTOM:Environment=Prod"
   WM_INTERVAL_SEC NEW IN 20.02.01	Specify the interval (in seconds) at which the Smart Hub is polled for work requests. The default is 300 seconds.
   TUNNEL_ENABLE NEW IN 20.02.01	A Boolean value that indicates whether the tunnel feature is enabled. By default, it is disabled.
   TUNNEL_IDLE_TIMEOUT_MIN NEW IN 20.02.01	The idle connection timeout in minutes. The default is 720 minutes.
   CLOUD_ACCOUNT	Specify the cloud account to which the server belongs.
   CLOUD_REGION	Specify the cloud region where the server is located.
   CLOUD_RESOURCE_NAME	Specify the cloud resource name for the server.
   CLOUD_RESOURCE_ID	Specify the cloud resource identifier for the server.
   CLOUD_VPC	Specify the cloud VPC where the cloud is located.
   AUTO_USP_ENABLED NEW IN 21.02	A Boolean value (true or false) that indicates whether the Auto USP feature is enabled. By default, it is enabled. If you want to disable this feature, add this property and specify its value as false.
   AUTO_USP_INTERVAL_H NEW IN 21.02	The interval (in hours) at which the server properties are validated to detect a change. The default interval is two hours.
   CONFIG_POLICY_ENABLEDNEW IN 21.02	A Boolean value (true or false) that indicates whether the Configuration Policy feature is enabled. By default, it is enabled. If you want to disable this feature, add this property and specify its value as false.

   Example of configured Smart Agent properties

   AUTOSTART_AGENT=1
   EXPORTSFILETEXT="*rw,user=root"
   SMARTHUB_HOSTNAME="abc.bmc.com"
   SMARTHUB_PORT=10443
   ENROLL_INTERVAL_MIN=1
   ENROLL_AS="<HOSTNAME>.bmc.com<UPPER>"
   HEARTBEAT_INTERVAL_MIN=5
   SMARTAGENT_SERVICE=1
   ACCESS_KEY="azywdWJsaWNfa2V5IjoiLS0tLS1CRUdJTiBQVUJMSUMgS0VZ
   LS0tLS1cclxuTUlJQklqQU5CZ2txaGtpRzl3MEJBUUVGQUFPQ0FROEFNSUlCQ
   2dLQ0FRRUExSDc5THdmcG5DNm5ZVTNHVTRFb1xyXG5qdERzQjczdzF3dEE4VmV
   CR1FZd1o0NVloK3FrRiszYmN0RDVabGQxdVA2cWRWZWppTzRXMXRTWmxRTXBLb
   tttXHJcbnJIMGdyc3dXNG91S1E2azFTdzY2SWZWTU5BKzI5Qk5oFdZYy9xbzk3
   eW5HSzJLNm41a2tzc2dCM0RONGRcclxuN1FJREFRQUJcclxuLS0tLS1FTkQgUF
   VCTElDIEtFWS0tLS0tXHJcbiIsImluZnJhX2lkIjoiQjgzMzNFQUIwQjUzM0RDR=="
   SERVER_PROP_LIST="CLOUD_PROVIDER, CLOUD_ACCOUNT, CLOUD_REGION, CLOUD_RESOURCE_ID, CLOUD_RESOURCE_NAME, CLOUD_VPC, <CUSTOM_PROPERTY> "
   CLOUD_PROVIDER="AWS"
   CLOUD_REGION="MUMBAI"
   CLOUD_RESOURCE_ID="123"
   CLOUD_ACCOUNT="BMC-TEST"
   CLOUD_RESOURCE_NAME=""
   CLOUD_VPC="VPC0"
   TUNNEL_ENABLE="true"
2. Save the changes.

What's next

Run the installer. When you run the NSH and RSCD installer, the Smart Agent related configuration settings are saved in the smartagent.conf file. This file is saved at this path:

• (Windows) C:\Windows\rsc
• (Linux) /etc/rsc

For installation instructions, see Using-the-Solaris-SVR4-package-installer-to-install-NSH-and-the-RSCD-agent or Using-RPM-to-install-NSH-or-the-RSCD-agent.