How to set folder permissions for the EventLog Analyzer installation directory: Linux OS
Objective
This document focuses on setting up folder permissions for the installation directory to ensure seamless usability and to secure the installation from unauthorized access. Unauthorized access to the installation directory could enable a user to tamper with the directory's contents, leading to security risks such as sensitive data exposure and operational risks such as making the product unusable. This document discusses the measures to prevent unauthorized users from accessing the EventLog Analyzer installation directory and modifying its contents.
Prerequisites
- Have access to the server where EventLog Analyzer is installed as an administrator.
Steps to follow
To prevent unauthorized access to the EventLog Analyzer installation directory for Linux, follow the steps below based on your build version of EventLog Analyzer.
Case 1: For new EventLog Analyzer installations, builds 12445 and above
For new installations of builds 12445 and above, only the following types of user accounts are automatically provided access to the installation directory:
- Root user
- User account used during product installation
Case 2: For existing EventLog Analyzer installations, builds lower than 12445
Unauthorized users can be prevented from accessing the EventLog Analyzer installation directory for builds lower than 12445 by setting up permissions using a .sh file.
With this method, access to the installation directory is automatically restricted to only the necessary accounts. There are two ways to do this:
Option 1: Update to build 12445. Navigate to the <Product Installation Directory>/bin folder (by default: /opt/ManageEngine/EventLog Analyzer/bin) and run the setAppPermission.sh file from an elevated Command Prompt.
Option 2: Download this zip file. Extract the zip and move setAppPermission.sh to the <Product Installation Directory>/bin folder. Run the setAppPermission.sh file from an elevated Command Prompt.
Tips
- Secure your installation with limited access to ensure data security and integrity.
- Use a service account to start the service and offer full control only to the service account and selective user accounts (for backup purposes).
New to ADSelfService Plus?
Related Articles
How to install EventLog Analyzer as service in Linux OS?
Objective This article offers step-by-step instructions to install EventLog Analyzer as service in Linux OS. Prerequisites Ensure access to EventLog Analyzer as Admin/sudo user to execute .bat or .sh files. Steps to follow Step 1: Access EventLog ...How to set folder permission for EventLog Analyzer installation directory: Windows
Objective This document focuses on setting up folder permission for the installation directory to ensure seamless usability and to secure the installation from unauthorized access. Unauthorized access to the installation directory could mean a user ...How to stop EventLog Analyzer | Windows OS
Objective This article offers step by step instructions for a clean shutdown of EventLog Analyzer application in Windows OS without disrupting the application. Prerequisites Need access to the EventLog Analyzer server installation folder, as well as ...Unable to start EventLog Analyzer
Issue description This issue occurs when the EventLog Analyzer service fails to start, or when users are unable to access the web client through the browser (typically on ports 8400 or 8445). Users may experience one or more of the following ...Disk Space Alert: EventLog Analyzer Installation Drive Reaching Capacity Threshold
Issue description This document provides a technical overview, possible causes, recommended resolution steps, and best practices for handling the "Disk Space Alert: EventLog Analyzer Installation Drive Reaching Capacity Threshold" notification. This ...