IBM Support

How to uninstall Guardium S-TAP manually if the uninstaller gets problems

Troubleshooting


Problem

We'd like to uninstall Guardium S-TAP which was installed via GIM, but there is an issue with our network and therefore we can't do it via GIM. In this situation, how do we uninstall Guardium S-TAP directly on the DB server?

Symptom

There is a problem between the S-TAP on DB server and the Guardium appliance, such that we can't un-install the S-TAP from the Guardium GUI console using GIM.

Resolving The Problem

The following is based on an AIX Server - used as an example .

Please attempt the following steps to clean up Guardium modules from the DB server.


1. Attempt an un-install of S-TAP via GIM. See the following manual page for details.
    https://<your_guardium>:8443/help/html/main/gim_gui.htm

    Proceed to the next step even if the above doesn't work.


2 Uninstall GIM client

    2.1 Logon to the DB server as user root

    2.2 Issue the following to uninstall the GIM client.
      <installation_directory>/modules/GIM/current/uninstall.pl

        Refer to the following manual page for details.
        https://<your_guardium>:8443/help/html/main/gim_installation.htm

      [NOTE] <installation_directory> is something like this:
        /usr/local/guardium/


3 (Optional) This is a workaround to be taken only if the S-TAP uninstaller in step 1 didn't work.

    3.1 Unload the driver:
      <installation_directory>/modules/KTAP/current/guard_ktap_loader stop


    3.2 Delete all the S-TAP and GIM entries in /etc/inittab

    3.3 Remove /etc/drivers/aix_ktap.* and /etc/drivers/guard_ktap_loader

    3.4 Edit /etc/rc and remove the following line at the end of the file
      /etc/drivers/guard_ktap_loader start


    3.5 Remove the device file: /dev/ktap_<some_number>

    3.6 Remove the directory <installation_directory> with the files under the directory.

    3.7 Remove /etc/upguard-init - the Guardium GIM init provoker

4. Reboot the system - This action will unload K-TAP completely and reload /etc/inittab

    4.1 Ensure K-TAP is not loaded any more by issuing
      genkex | grep tap

    4.2 Ensure there is no S-TAP entry and no install_assist entry in /etc/inittab



5. Reset Client from Guardium GUI

    5.1 Navigate to Administration Console > Module Installation > Setup By Client > Search

    5.2 Check the checkbox of the DB server where you un-installed GIM, then press "Reset Client".

[{"Product":{"code":"SSMPHH","label":"IBM Security Guardium"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Component":"--","Platform":[{"code":"PF002","label":"AIX"}],"Version":"9.0;8.2","Edition":"","Line of Business":{"code":"LOB24","label":"Security Software"}}]

Document Information

Modified date:
16 June 2018

UID

swg21651902

Page Feedback