Error Message

Description

Some daemon processes on the remote host are associated with programs that have been installed manually.

System administration best practice dictates that an operating system's native package management tools be used to manage software installation, updates, and removal whenever possible.

Solution

Use packages supplied by the operating system vendor whenever possible. And make sure that manual software installation agrees with your organization's acceptable use and security policies.

Risk Factor Low

Plugin Output

The following running daemons are not managed by RPM : /opt/VRTSvcs/bin/vcsauth/vcsauthserver/bin/vcsauthserver

VCS distributes VxAT.tar.gz, which is a component of the VRTSvcs rpm and contains the vcsauthserver binary and AT-related libraries. So the binaries do not belong to VRTSvcs rpm, but VxAT.tar.gz does.

It is merely a warning that a binary was manually installed rather than through an RPM.

VCS supports two modes of security: Secure and Non-secure mode. The vcsauthserver binary is required only in secure mode to authenticate the internal services and for SSL communication.

The VxAT tar file is extracted by the CPI only when the product is configured in secure mode. Since these binaries are not needed in non-secure mode, we do not put the binaries directly as part of rpm.

NOTE: When the product is uninstalled, we make sure that we delete the vcsauthserver binary and all related AT libraries.