14 Jul 2017 03:30 PM
What additional hardening is performed by the SELinux component of the Dynatrace Managed Server install. Can you provide a list that can be sent to our Security team, as it may be that default hardening as part of the install meets security requirements.
Solved! Go to Solution.
14 Jul 2017 03:57 PM
The following system files and directories can be modified during installation of Dynatrace Managed:
/etc/hosts
/etc/sysctl.conf
/etc/pam.d/su
/etc/rc.local
/etc/security/limits.conf
/etc/security/limits.d/
90
-nproc.conf
/etc/sudoers
/etc/sudoers.d/
/etc/init.d/
/etc/init.d/rc*.d/
/etc/systemd/system/
Additionally, we need to configure firewall settings as stated here:
https://help.dynatrace.com/dynatrace-managed/dynat...
You may also have a look here:
/opt/dtrun/dtrun.conf
to see what scripts are executed that may modify a system.
Hope that helps! If you have more questions, feel free to ask.
18 Jul 2017 10:59 AM
There is no separated component like SELinux of Dynatrace Managed Server install. The general requirements that must be met before installation are listed here:
https://help.dynatrace.com/dynatrace-managed/dynatrace-server/how-do-i-install-dynatrace-server/
18 Jul 2017 11:06 AM
@Radoslaw S. @Monika A. Apologies, this was meant to be instance hardening performed by the OneAgent install. I can open a new forum question if appropriate.
18 Jul 2017 11:25 AM
OneAgent installation is described here:
https://help.dynatrace.com/get-started/installation/how-do-i-install-dynatrace-oneagent/
18 Jul 2017 11:30 AM
@Monika A. Thank you, will investigate further and get back to you.