Enabling sensor auto-start on a Linux system

The following procedure has been tested with Red Hat® Enterprise Linux®; there might be some variation for other Linux varieties. Review these steps with your system administrator before you make any changes.

To enable Fortify ScanCentral SAST sensor auto-start on a Linux system:

1. Log in to the machine as “root.”

2. Run the visudo command to edit the sudoers file and disable requiretty.

   Defaults !requiretty

   You can also disable requiretty per user.

3. Set auto-start as follows:

   1. Verify the command invocation from the console (modify it based on your install directory).

      sudo -u <username> -- <sast_install_dir>/bin/ScanCentral -url <controller_url> worker > <sast_install_dir>/bin/workerout.txt 2>&1  &

      • Add the sudo command to the end of the file (add it before the line exit 0 if it exists).
      • The ampersand (&) at the end enables the machine to start up even if sensor startup fails or hangs.
      • The double-dash (--) is important to separate the options for sudo from the options for your service.

   2. Make the change to the startup file.

      Make sure that you do not change anything else in your bootup script.

      vi /etc/rc.d/rc.local

4. Check the setup:

   1. Reboot and log in to the machine as “root.”

   2. To verify the processes under root, type:

      ps -x | grep java

   3. Verify that the output shows that the sensor is not started under root.

   4. To verify the processes under the user, type:

      sudo -u <username> ps x | grep java

   5. Verify that the output displays the sensor process.

   6. To verify the existence and contents of the script output file, type:

      tail -f /opt/<sast_install_dir>/bin/workerout.txt

      For example:

      tail -f /opt/Fortify/OpenText_SAST_Fortify_25.2.0/bin/workerout.txt