28 Sep 2017 08:09 AM
We installed OneAgent with the option -p to preserve policy sources
Ref FAQ.
How does the OneAgent affect SELinux-enabked systems ?
The OneAgent installation program modifies the SELinux security policy. It allows Dynatrace OneAgent to add its own library between the system and the monitored software.
We want to be as transparent as possible. You can use -p
parameter to preserve policy sources (by default they are purged at the end of installation). With this parameter you can check what we do to ensure that your security policy isn't harmed. Go to /opt/dynatrace/SELinuxPolicy
to investigate.
I did a test uninstall on 1 server:
./uninstall.sh
22:30:29 Checking root privileges...
22:30:29 OK
22:30:31 Removing entries for preloading...
22:30:31 Using systemd to stop the agent
22:30:47 Removing Dynatrace SELinux policies.
22:32:43 Removed dynatrace_oneagent module.
22:32:52 Removing oneagentproc from system folders
22:32:52 Removing folder /opt/dynatrace/oneagent/agent. Part of configuration preserved in /var/lib/dynatrace/oneagent
22:33:20 Done
So, is SELinux back to same status as before OneAgent was installed?
Doc ref.
https://help.dynatrace.com/get-started/installatio...
Solved! Go to Solution.
29 Sep 2017 06:42 AM
Hi Rolf,
Yes, the OneAgent SELinux policy is completely removed from your system upon uninstallation.
Regards,
Tomek