Help Center

Recommendations for UNIX/Linux Servers

Prognosis User

The software should be installed as a non-root user in a distinct group, created specifically to install and administer Prognosis. 

The same user account should be used to install and run the Prognosis service, however ‘root’ privileges are required for certain components of the installation and patching process. See Elevated Processes below.

The Prognosis user and group names must be 8 characters or less in length. Prognosis should also not be run with any monitored application user, however the Prognosis user can belong to other groups.

Example:

user PRGN in group PRGN.

Elevated Processes

There are some processes that do require elevated permissions in order for the processes to perform correctly, and therefore these processes are owned by the ‘root’ user. By setting the SETUID flag on these processes, this will allow the process to run with elevated privileges. This ownership and the SETUID flag is setup during installation and patching.

The following list of processes require elevated permissions:

Executable NamePurpose of ExecutableReason for Root
irautoanAnalyst and Threshold process - generates alerts based on specific data conditions.Required for running OS shell and executing commands
iravcolAvailability collectorPort monitoring
ircmdsrvResponsible for creating OS shells for executing commands.Required for running OS shell and executing commands
irdspsrvDispatch Manager process. Sends emails and pager alerts in response to threshold requests.Needs to listen on port 110 for incoming email (POP)
irebcoleBusiness Collector - Websphere Application ServerAllows purging of application log files if configured to do so.
irinvokeUsed to perform actions, such as patch installation.Allows switching to root and running commands. eg: install patch.
irlsofIR's implementation of lsof.Data sources require root privileges.
irlsof-aix61Version specific implementation of irlsofData sources require root privileges.
irmulticolCollector for many different Records, including Unix Process, Unix Users, etcData sources require root privileges.
irmulticol2Collector for many different Records, including Unix CPU, Unix Kernel, etcData sources require root privileges.
irnetmonNetwork Monitoring collectorNeeds to 'listen' on ports lower than 1024
irnetrtr

Maintains all server connections, internally and remote

Needs setuid in order to manage other processes that run setuid. Also need access for multicasting (auto discovery).
irpacecolCustomisable Collector, usually used by consulting servicesDepends on gatherers used within solution. Eg. SNMP Traps in
irpcloadUtility to load kernel module for Transient Process CollectorNeed to load a module into the kernel for transient process information.
irpromgrProcess Manager - monitors and restarts internal processesNeeds setuid in order to manage other processes that run setuid.
irsnmptrSNMP Traps In collector. Receives and processes incoming SNMP traps.Needs to 'listen' on port lower than 1024
irtecadTivoli Adapter - Used to send alerts to Tivoli Enterprise ConsoleTivoli Interface. May need to listen on port lower than 1024.
irudgcolCollects OS data, similarly to those available via SARData sources require root privileges.
iruxdevscanDevice Scanner - collects information on Physical and Logical VolumesData sources require root privileges.
iruxerrptmonIR's implementation of errpt for system log file informationData sources require root privileges.
iruxfspcolFile System Performance CollectorData sources require root privileges.


Provide feedback on this article