Silent non root install of TrapX/SDC on RHEL8

Article ID: 433760

Updated On:

Products

Network Observability Spectrum

Issue/Introduction

The Spectrum Secure Domain Connector and/or TrapX service is not started automatically by the OS after a reboot on RHEL8. The service status shows as dead and inactive. This can be seen when using Spectrum version 24.x.

Environment

  • Spectrum version 24.x
  • Secure Domain Connector (SDC)
  • TrapX
  • OS: RHEL8 

  • Install Type: Silent Non-root installation

  • Functionality: SDC or TrapX service management

  • Upgrade from RHEL7 or direct install

 

 

Cause

The way the OS starts services has changed in RHEL8, so the service needs to be reconfigured from the default shown below.

 ~/.config/systemd/user/sdmconnector.service

[Unit]
SourcePath=/opt/CA/SDMConnector/bin/sdmconnector.sh
Description=LSB: SPECTRUM Secure Domain Manager Daemon
Before=runlevel3.target
Before=runlevel5.target
Before=shutdown.target
After=network-online.target
Wants=network-online.target
Conflicts=shutdown.target

[Service]
Type=forking
Restart=no
TimeoutSec=5min
IgnoreSIGPIPE=no
KillMode=process
GuessMainPID=no
RemainAfterExit=yes
ExecStart=/bin/bash /opt/CA/SDMConnector/bin/sdmconnector.sh start
ExecStop=/bin/bash /opt/CA/SDMConnector/bin/sdmconnector.sh stop

[Install]

WantedBy=multi-user.target

Resolution

This is resolved in 25.4.1.  On 24.x we need to work around it as follows.

PREREQUISITES:

  • Access to the non-root user account (e.g., [user-account])

  • Correct installation directories owned by the non-root user

  • Standard text editor (vi/nano)

STEPS:

  1. MODIFY SERVICE CONFIGURATION: Update the systemd user service file to ensure compatibility with RHEL8 target structures.

    Path: ~/.config/systemd/user/sdmconnector.service

    Change the following line in the [Install] section:

    From: WantedBy=multi-user.target
    To: WantedBy=default.target

    EXPECTED: The service is now targeted for the default user session rather than the system-level multi-user state.

  2. ENABLE USER LINGER: Allow the user process to persist and start without an active interactive session.

    Command: loginctl enable-linger [user-account]

    EXPECTED: The system permits user services to run in the background after boot without manual login.

  3. ALTERNATIVE CONFIGURATION (IF NEEDED): Use a streamlined service file if the default configuration fails to initialize.

    [Unit]
    Description=SPECTRUM Secure Domain Manager Daemon
    # User services should only reference user-level targets
    After=network.target

    [Service]
    Type=forking
    # Ensure the path below is 100% correct
    ExecStart=/opt/CA/SDMConnector/bin/sdmconnector.sh start
    ExecStop=/opt/CA/SDMConnector/bin/sdmconnector.sh stop
    Restart=on-failure
    KillMode=process
    # forking services usually need systemd to find the PID
    GuessMainPID=yes

    [Install]
    # This is correct for --user services
    WantedBy=default.target

     

VERIFY SUCCESS:

  • Run: systemctl --user enable sdmconnector.service

  • Run: systemctl --user status sdmconnector.service

  • Reboot the server and verify the process starts automatically.
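
A pre-reboot check for the two changes in the steps above (the [Install] target and user linger), added here as an example and not part of the vendor article. The function names are hypothetical, and it assumes systemd-logind records linger as a marker file under /var/lib/systemd/linger.

```shell
#!/usr/bin/env bash
# Added example, not vendor code. Function names are hypothetical.
# Assumption: systemd-logind records "enable-linger" as a marker file
# named after the account in /var/lib/systemd/linger.

# Print the WantedBy= values found in the [Install] section of a unit file.
install_wantedby() {
    awk '
        /^[ \t]*\[/ { in_install = ($0 ~ /^[ \t]*\[Install\]/); next }
        in_install && /^[ \t]*WantedBy[ \t]*=/ {
            sub(/^[^=]*=[ \t]*/, ""); print
        }' "$1"
}

# Return 0 only if [Install] names default.target and not multi-user.target.
unit_targets_ok() {
    local targets
    targets=$(install_wantedby "$1") || return 2
    case " $(echo $targets) " in
        *" multi-user.target "*) return 1 ;;
        *" default.target "*)    return 0 ;;
        *)                       return 1 ;;
    esac
}

# Return 0 if lingering is enabled for the account (marker file exists).
linger_enabled() {
    local user="$1" dir="${2:-/var/lib/systemd/linger}"
    [ -e "$dir/$user" ]
}

# Run both checks and report; a non-zero return means one of the two
# changes from the steps above is still missing.
check_autostart() {
    local unit="$1" user="$2" dir="${3:-/var/lib/systemd/linger}" rc=0
    if unit_targets_ok "$unit"; then
        echo "OK   WantedBy=default.target in $unit"
    else
        echo "FAIL [Install] needs WantedBy=default.target: $unit"; rc=1
    fi
    if linger_enabled "$user" "$dir"; then
        echo "OK   linger enabled for $user"
    else
        echo "FAIL run: loginctl enable-linger $user"; rc=1
    fi
    return $rc
}

# Usage: check_autostart ~/.config/systemd/user/sdmconnector.service spectrum
```

Source the file as the non-root account and call check_autostart before rebooting; the third argument is only needed to point the linger check at a different directory.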

 

Additional Information

NON-ROOT SILENT INSTALLATION STEPS:

  1. VERIFY USER/GROUP: Use 'getent group' and 'getent passwd' to verify the [user-account] and group exist (including LDAP entries).

  2. PREPARE HOSTS: Ensure /etc/hosts contains all SpectroSERVERs and SDC servers with [hostname] and [IP-address].

  3. DIRECTORY SETUP: Create /opt/SPECTRUM and the temporary media directories and chown them to the [user-account], e.g.:

    mkdir /local/install_media ; sudo chown -R spectrum:spectrum /local/install_media
    mkdir /local/install_tmp ; sudo chown -R spectrum:spectrum /local/install_tmp
    mkdir /opt/SPECTRUM ; chown -R spectrum:spectrum /opt/SPECTRUM

  4. PRE-INSTALL SCRIPT: Run <install_media>/sdmc/linux/bin/sdmc_nonroot_prepost_install.sh as root (Option 1).

  5. EXECUTE INSTALL: Run ./install.bin -i Silent -DTRAPX_ENABLE=true -DUSER_INSTALL_DIR="/opt/CA/SDMConnector"
    Remove -DTRAPX_ENABLE=true for an SDM install.

  6. POST-INSTALL SCRIPT: Run the prepost script (Option 2) as root, then enable the service via systemctl --user.

    systemctl --user enable sdmconnector.service
    systemctl --user status sdmconnector.service

  7. ENABLE USER LINGER: Run loginctl enable-linger spectrum