systemctl and Web Agent startup settings for Red Hat Apache Web Server 2.4.x

book

Article ID: 4165

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On

Issue/Introduction

 

We want to integrate the start of our Web Agent and Apache with
systemctl from RedHat. 

RedHat Enterprise Linux 7 (RHEL 7) introduced systemctl command to
start and stop a service program. Here is a command line to start Red
Hat Apache 2.4 Web Server.

# systemctl start httpd.service

In RedHat 6, the file 

  /etc/sysconfig/httpd 

may contain the below statement to source ”ca_wa_env.sh” script file.

   . /opt/CA/webagent/ca_wa_env.sh

However, in RedHat 7, the source statement does not work.

How can we set up Web Agent for Red Hat Apache 2.4 Web Server ?

 

Cause

 

In RedHat 7, only environment variables in the file

  /etc/sysconfig/httpd

may be defined. The source statement won't work.

 

Environment

 

Web Agent on Apache 2.4 on RedHat 7

 

Resolution

The resolution is to include the content of ”ca_wa_env.sh” script file
in /etc/sysconfig/httpd. Beware that ${VARIABLE} must be replaced with
the actual value. Especially for ${LD_LIBRARY_PATH} and ${PATH}, see
these values by ‘env’ command beforehand and be sure to add it. This
modification to the httpd file should be logically equal to sourcing
the shell script.

- Please note that the MIT Kerberos module was updated in the newer
  webagent agent versions. In the older agents (as recent as 12.52 SP1
  CR06), the Kerberos module is outdated if you use RedHat7.  If this
  is the case, modify LD_LIBRARY_PATH to include /lib64 in front of
  the webagent paths. This ensures that the Apache/RedHat 7 kerberos
  module gets loaded before the webagent's module.  The change is
  already included in the below example.  If this is not done, you may
  see errors relating to Kerberos modules failing to load.  For more
  information about the error, please review :

  Red Hat 7 Apache 2.4 startup fails when SSO Web Agent is installed - fails to load Kerberos module mod_auth_gssapi.so
  https://knowledge.broadcom.com/external/article?articleId=7209
  
A sample :

  Here is a sample of the contents of ”ca_wa_env.sh” which should be
  added in /etc/sysconfig/httpd. (Bold is effective and others are
  commented out)

  NETE_WA_ROOT=/opt/CA/webagent
  #export NETE_WA_ROOT
  NETE_WA_PATH=/opt/CA/webagent/bin
  #NETE_WA_PATH=${NETE_WA_ROOT}/bin
  #export NETE_WA_PATH

  CAPKIHOME=/opt/CA/webagent/CAPKI
  #export CAPKIHOME

  LD_LIBRARY_PATH=/usr/lib64:/opt/CA/webagent/bin:/opt/CA/webagent/bin/thirdparty 
  #LD_LIBRARY_PATH=${NETE_WA_ROOT}/bin:${NETE_WA_ROOT}/bin/thirdparty:${LD_LIBRARY_PATH}
  #export LD_LIBRARY_PATH

  PATH=/opt/CA/webagent/bin:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin 
  #PATH=${NETE_WA_PATH}:${PATH}
  #export PATH

Additional Information

 

  Red Hat 7 Apache 2.4 startup fails when SSO Web Agent is installed - fails to load Kerberos module mod_auth_gssapi.so
  https://knowledge.broadcom.com/external/article?articleId=7209