Hi sso,
You are running Red Hat Enterprise Linux 5.7
Linux kernel 2.6.18-274.el5 includes the kernel security and bug fix updates. (.7)
This should not be an issue since you are using RHEL 5.7 (RHEL 5 Tikanga)
We do have a small disclaimer on the platform support matrix:
32. Supported with all Red Hat updates. Any problems reported will be fixed on the latest Red Hat update. Security Enhanced Red Hat Linux is supported, please see vendor’s documentation for setup instructions to enable third-party processes (such as SiteMinder) to run on the system.
Not to worry, let’s move on..
>>>>>>>>>>
Few questions...
Is apache running in prefork or worker mode? Please send the output of:
/usr/sbin/apachectl -V (capitol V)
This will tell you if you are running RedHat apache in 32 or 64 mode, and which MPM (prefork or worker)
Please see my Tuesday Tip write up “Apache - prefork vs. worker mode, how to check mode and more”
98293078
This will provide greater detail between the two modes and how to switch easily in RedHat. (Default is prefork I believe on RHEL 5, if multi proc machine with no crashes, thread safe libraries and no php, you should HIGHLY consider worker MPM.
Back on topic
1.)
Per the platform support matrix we support 32 bit and 64- RHEL RedHat Apache 2.2.x using 6QMR5CR21 (CR23 for 64-bit) or greater... So yes, a 6QMR6 agent should work.
2.)
Looking at your httpd.conf, prefork and worker mode MPMs both seem to have some tuning to make. Check out apache.org
3.)
User is apache per httpd.conf
4.)
Server path....is ServerPath="/etc/httpd/conf"
Make sure the ServerPath variable is set in the WebAgent.conf(correct). Do not add this setting to the LocalConfig.conf or AgentConfigurationObject.
The value you set for the ServerPath parameter must be:
A.) a full path name to a directory or file (correct)
B.) accessible (allow read and write permissions) for the user account that the system uses to run the Web server. Also, all directories listed in the path leading to the file must be searchable. However, read, write, or execute permission of the named file itself is not required.
C.) unique among the instances running on the system
ls -al /etc/httpd/conf
drwxr-xr-x 4 apache apache
drwxr-xr-x 19 apache apache
This is 755 (read, write, execute - read execute - read execute) owned by apache user/ apache group (same as your httpd.conf)
5.)
Does the hostname “sjrhsrc1” exist on the policy server? (Admin ui > Trusted Hosts)
6.)
Do you have an AgentConfigObject="sjrhsrc_aco" (Admin ui > Agent Conf objects)
7.)
Do ls -al on /opt/netegrity/webagent/config/SmHost.conf check the permissions –should be at least readable by everyone if other agents are using this file. 644 -rw-r--r-- (read write, read, read) **Note, this is for Static keys only..Let me know if you are using Dynamic
8.)
ls -al on your WebAgent.conf should be at least -rw-rw-r-- apache apache (664)
9.)
Check your hostconfigobject="HostSettings" in the admin ui (Admin ui > Host Conf Objects) Does HostSettings exist?
Hopefully this resolves your issue, otherwise please open a case so support can review your agent log, agent trace log, apache access/error logs, etc
Feel free to mention my name in the case and I will review as well.
Good luck!
Peter
PS Please post back what resolves your issue for other users.. Thanks again :)