Troubleshooting
Problem
We'd like to uninstall Guardium S-TAP and GIM, but there is an issue with our network and therefore we can't do it via GIM. In this situation, how do we uninstall Guardium S-TAP and GIM directly on the DB server?
Symptom
There is a problem between the S-TAP on DB server and the Guardium appliance, such that we can't un-install the S-TAP from the Guardium GUI console using GIM.
Resolving The Problem
The steps differ on different operating systems because there are different methods of ensuring that services/processes begin with the system startup. A list of these can be found here:
How the Guardium S-TAP Process is handled throughout OS versions
The above technote is referenced here so these steps can be applied to any UNIX OS. In addition this technote contains walkthrough examples for Red Hat Linux 5, 6 and 7 . If you are using AIX, please refer to How to uninstall Guardium S-TAP manually if the uninstaller gets problems - AIX.
The following steps will clean up Guardium modules from the DB server.
1. Attempt an un-install of S-TAP via GIM.
See the following manual page for details. Using IBM Guardium Installation Manager
Proceed to the next step even if the above doesn't work.
2 Uninstall GIM client
2.1 Logon to the DB server as user root
2.2 Issue the following to uninstall the GIM client.
<installation_directory> /modules/GIM/current/uninstall.pl
Refer to the following manual page for more details. IBM Guardium Installation Manager
[ NOTE] <installation_directory> is something like this:
/usr/local/guardium/
3 (Optional) The following steps are workaround to be taken only if the S-TAP uninstaller in step 1 didn't work.
3.1 Unload the ktap module:
<installation_directory> /modules/KTAP/current/guard_ktap_loader stop
3.2 Stop the GIM and STAP service/processes. See start/stop methods of each facility here for general instructions for any UNIX OS.
3.2.1 For RHEL 5:
If you installed the agent through GIM:
- i) Find the inittab - /etc/inittab
ii) Delete the line beginning "gim:..."
iii) Delete the line beginning "gsvr:..."
Here are examples of GIM and Guardium Supervisor processes in the inittab:
gim:2345:respawn:/usr/opt/perl5/bin/perl
/opt/IBM/GIM/modules/GIM/8.2.00_r38049_1-1362445863/gim_client.pl
gsvr:2345:respawn:/opt/IBM/GIM/modules/perl
/opt/IBM/GIM/modules/SUPERVISOR/9.0.0_r43212_1-13624464/guard_supervisor
- i) Find the inittab - /etc/inittab
ii) Delete the line beginning "utap:..."
Here is an example of the STAP process in the inittab:
utap:2345:respawn:/usr/local/guardium_v82_r57354/guardium/guard_stap/guard_stap /var/guard_tap.ini
init q
ps -ef | grep guard_stap
This would provide the process ID for this process:
root 22598 22582 0 May06 ?/usr/local/guardium_v82_r57354/guardium/guard_stap/guard_stap /var/guard_tap.ini
Once the process ID has been found (the first number out of the two above), kill the process:
kill -9 22598
The equivalent must be done for a GIM installation.
3.2.2 For RHEL 6:
If you installed the agent through GIM:
- ls -ltr /etc/init | grep gim
ls -ltr /etc/init | grep gsvr
If you installed the agent through command line:
- ls -ltr /etc/init | grep utap
For each service, do stop [service name] where [service name] is the result of the above ls -ltr results in /etc/init.
3.2.3 For RHEL 7:
If you installed the agent through GIM:
systemctl is-active guard_gim.service
systemctl is-active guard_gsvr.service
Stop the services:
systemctl stop guard_gim.service
systemctl stop guard_gsvr.service
If you installed the agent through command line:
Check service status:
systemctl is-active guard_utap.service
Stop the service:
systemctl stop guard_utap.service
3.3 Remove the KTAP device file: /dev/ktap_ <some_number>
3.4 Remove the Guardium install directory <installation_directory> including all the files under the directory.
4. Reboot the system and make final checks
Reboot will unload K-TAP completely. It will also reload upstart (RHEL 6) and systemd (RHEL 7) - which is used to control processes and services that are started on system start.
4.1 Ensure K-TAP is not loaded any more by issuing
lsmod | grep tap
4.2 Ensure the services that were stopped in section 3.2 above are stopped based on the startup facility for your OS noted here.
4.2.1 For RHEL 5:
Check /etc/inittab to ensure that the lines are gone.
4.2.2 For RHEL 6:
Check the service list produced by the command below to ensure the services are "stopped" or not appearing.
initctl list
4.2.3 For RHEL 7:
Check the service list produced by the command below to ensure the STAP service is "activating" (which means its stopped). This is because it is set to auto restart, but will not activate.
systemctl -t service -a | grep guard_utap
Command to check if all services are stopped:
systemctl list-units --type service
5. Reset GIM Client from Guardium GUI
5.1 Navigate to Administration Console > Module Installation > Setup By Client > Search
5.2 Check the checkbox of the DB server where you un-installed GIM, then press " Reset Client".
Related Information
Was this topic helpful?
Document Information
Modified date:
12 December 2019
UID
swg21982923