When the rpm package is installed, by default the PCA is installed in /usr/local/ctccap
. In addition to the installation directory, other changes are made to the system.
The package creates the log file directory in /var/log/tealeaf
by default, if it does not exist.
- In earlier versions of the PCA, the log directory was
/usr/local/ctccap/logs
. - When you upgrade from an old installation with a non-empty
/usr/local/ctccap/logs
directory, the package uses the existing directory instead of the newer/var/log/tealeaf
directory. This behavior is intended to avoid surprising the user by leaving old log files in the old directory (/usr/local/ctccap/logs
) and writing new log files to the new default (/var/log/tealeaf
).Note: This check for
/usr/local/ctccap/logs
is independent of the installation prefix that is chosen for installation for upgrade. If you install Passive Capture into/opt/tealeaf
, the package still looks for a non-empty directory/usr/local/ctccap/logs
.
The tealeaf-pca files are currently unused and are reserved for future use. The tealeaf-web files are used by the default httpd.conf
for the Web Console. The tealeaf-tts files are provided for convenience in configuring SSL connections with the TeaLeaf Transport Service. The /usr/local/ctccap/etc
directory is normally writable by root and the capture user, ctccap
.
- Install crontab file:
/etc/cron.d/tealeaf
. The crontab file schedules the execution of "tealeaf cron" as user root. - Install the following initialization scripts in
/etc/init.d
:tealeaf-pca
tealeaf-startup
- Create the
capture.log file
in the log file directory, if the file does not exist.
The package performs the following actions that modify directories and files outside of the installation prefix.
- Create group ctccap if it does not exist.
- Create user ctccap if it does not exist.
- Set
/usr/local/ctccap/bin/listend
and/usr/local/ctccap/bin-debug/listend
as setuid root (required for listend to open eth devices for packet sniffing; drops down to user ctccap after you open the eth devices). - Remove PHP session files in
/tmp
; they are assumed to be PHP session files for the Passive Capture Web Console. - Update
/etc/syslog.conf
(if needed) to ensure that it contains an entry for facility local0 to filecapture.log
in the log file directory. - Restart syslogd to force it to reload its configuration and use any changes that are made to
/etc/syslog.conf
. - Add the file
/etc/ld.so.conf.d/tealeaf.conf
or modify/etc/ld.so.conf
to point to/usr/local/ctccap/lib
to ensure that shared libraries are linked correctly at runtime.
Comments
0 comments
Please sign in to leave a comment.