Site24x7 Linux Agent modifications to "/etc/passwd" and "/etc/shadow" files - FIM Events
Scenario
You may see the Site24x7 Linux agent modifying files associated with the operating system.
Reason
The /etc/passwd and /etc/shadow files are critical operating system files that store user account information on a server. The Site24x7 Linux agent interacts with these files specifically to manage the site24x7-agent user account, which is essential for its proper functioning and security.
The Site24x7 Linux agent will modify the /etc/passwd and /etc/shadow files exclusively for the site24x7-agent user under the following circumstances:
- Upon installation of the Site24x7 Linux agent on a server, the agent utilizes the useradd command to create the dedicated site24x7-agent user. This action results in the creation of a new entry for the site24x7-agent user, including its details, within both the /etc/passwd and /etc/shadow files.
- When the Site24x7 Linux agent is upgraded to version 19.6.0 or any subsequent version from an older release, a modification occurs in the /etc/passwd file. The purpose of this modification is to change the "site24x7-agent" user's login shell to /sbin/nologin. This change enhances security by preventing direct interactive logins for the agent user, a feature supported from the Linux agent version 19.6.0 onwards.
- During the uninstallation process of the Site24x7 Linux agent, the agent executes the "userdel" command to remove the "site24x7-agent" user account from the server. The execution of the "userdel" command subsequently modifies both the /etc/passwd and /etc/shadow files to remove the corresponding user entries.
All modifications detailed above are strictly limited to the "site24x7-agent" user. This is because the agent specifically invokes the "useradd" and "userdel" utilities with the "site24x7-agent" username specified, ensuring that no other user accounts are affected.
Action
No action is required from your end.
Related Articles
How to uninstall the Site24x7 Windows Server Monitoring Agent
Method 1: To uninstall the Site24x7 Windows Server Monitoring Agent, click the link below: https://staticdownloads.site24x7.com/server/Site24x7WindowsAgentUninstall.zip Unzip and execute the Uninstall.bat file in the Command Prompt as an ...Prerequisites for Node.js agent installation
For a smooth Node.js agent installation, ensure that you've fulfilled the following prerequisites. The environment should have node version 16.20.2 or above installed. The application user should have full permission to access the agent directory. ...How to generate a HAR file?
HTTP Archive (HAR) stores all web requests made by the browser, including: The request and response headers and bodies. Connection, response, and download times. Failed requests or network errors. HAR files help troubleshoot issues related to speed, ...Add Node.js agent in Kubernetes via InitContainers (using prebuilt agent image)
To integrate the APM Insight Node.js agent into your Kubernetes applications using InitContainers, follow the steps given below: Step 1: Create an empty volume that will be used to copy the agent files during the initContainers process. Example: ...Basic troubleshooting tips for the APM Insight Node.js agent
If you are experiencing issues after installing the APM Insight Node.js agent, follow these troubleshooting tips. Verify agent installation and connectivity To verify the agent installation status, you can execute the following command from the root ...