M2M_Client SElink Agent on Rocky Linux 8.9
Platform : Rocky-8.9-x86_64-minimal
Agent Ver : B5_m2mClient-1_6_1-Rocky_x64
Update Rocky linux Repository
sudo dnfinstall dependency package
dnf install compat-openssl10 libidn
make sure the SElinux run on permisive mode
setenforce 0
Create a folder (e.g. /root/selink) with the m2m agent binary and the configuration file om.b5.
add execution permission
chmod a+x B5_m2mClient-1_6_1-Rocky_x64
make file om.b5
nano /root/selink/om.b5
selink2.graha-infracom.com:25004
execute the binary
./B5_m2mClient-1_6_1-Rocky_x64
Make SELink as linux service
make file start.sh on /root/selink
$sudo nano /root/selink/start.sh
#!/bin/sh
export LD_LIBRARY_PATH=/root/selink
/root/selink/B5_m2mClient-1_6_1-Rocky_x64
Create a file describing the SElink service in /etc/systemd/system/selink.service
$ sudo nano /etc/systemd/system/selink.service
[Unit]
Description=SElink Agent
[Service]
CapabilityBoundingSet=CAP_CHOWN CAP_DAC_OVERRIDE CAP_DAC_READ_SEARCH CAP_FOWNER CAP_FSETID CAP_KILL CAP_SETGID CAP_SETUID CAP_SETPCAP CAP_LINUX_IMMUTABLE CAP_NET_BIND_SERVICE CAP_NET_BROADCAST CAP_NET_ADMIN CAP_NET_RAW CAP_IPC_LOCK CAP_IPC_OWNER CAP_SYS_MODULE CAP_SYS_RAWIO CAP_SYS_CHROOT CAP_SYS_PTRACE CAP_SYS_PACCT CAP_SYS_ADMIN CAP_SYS_BOOT CAP_SYS_NICE CAP_SYS_RESOURCE CAP_SYS_TIME CAP_SYS_TTY_CONFIG CAP_MKNOD CAP_LEASE CAP_AUDIT_WRITE
AmbientCapabilities=CAP_NET_BIND_SERVICE,CAP_NET_RAW,CAP_NET_ADMIN
User=root
RuntimeDirectory=/root/selink
WorkingDirectory=/root/selink
Restart=on-failure
RuntimeDirectoryMode=0700
ExecStart=/root/selink/start.sh
Restart=always
[Install]
WantedBy=multi-user.target
Alias=selink.service
enable the service
sudo systemctl enable selink.service
start the service
sudo systemctl start selink.service
check status service