Configuring RedHat for Oracle Enterprise Manager agent install

So, I had to get Oracle Enterprise Manager Agent going on bunch of servers running RedHat 5.8. The agent would be pushed out to the client servers using OEM. I guess I had seen a better thought out software in my time.

Anyways, the environment was fairly restrictive. Thankfully, the machines were managed using RedHat Network Satellite so reconfiguring a bunch of machines all at once was not a big deal.

This is mostly for my reference. Hopefully, it will save a few gray hairs to someone else as well… First I created a dedicated user for the agent:

[root@vm-prd-001 ~]# useradd -u 203 -m oem
[root@vm-prd-001 ~]# echo "umask 0022" >> /home/oem/.bashrc

I assigned oem user some long randomly generated password and passed it onto DBA.

Then I had to open some firewall ports on the client system so OEM agent could be pushed out:

-A OUTPUT -p tcp -d 10.10.10.200/32 --dport 1159 -m state --state NEW -j ACCEPT
-A OUTPUT -p tcp -d 10.10.10.200/32 --dport 1521 -m state --state NEW -j ACCEPT
-A INPUT -p tcp -s 10.10.10.200/32 --dport 3872 -i eth0 -m state --state NEW -j ACCEPT

The IP address in the lines above is the IP address of the OEM server itself. Finally, so that the agent install would actually work, I had to add the following to /etc/sudoers file:

Defaults:oem !requiretty,visiblepw
oem ALL = (oracle) /usr/bin/id, /bin/ps, /bin/chmod, /bin/cp, /bin/mkdir, /bin/rm, /bin/tar, /opt/oracle/product/12.1.0/agent/agent_inst/bin/emctl, /opt/oracle/product/12.1.0/agent/ADATMP_[0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]_[0-9][0-9]-[0-9][0-9]-[0-9][0-9]-[AP]M/agentDeploy.sh, /opt/oracle/product/12.1.0/agent/ADATMP_[0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]_[0-9][0-9]-[0-9][0-9]-[0-9][0-9]-[AP]M/prereq_stage/core/12.1.0.[0-9].0/oui/bin/runInstaller, /opt/oracle/product/12.1.0/agent/ADATMP_[0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]_[0-9][0-9]-[0-9][0-9]-[0-9][0-9]-[AP]M/unzip, /opt/oracle/product/12.1.0/agent/ADATMP_[0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]_[0-9][0-9]-[0-9][0-9]-[0-9][0-9]-[AP]M/unzipTmp/unzip, /opt/oracle/product/12.1.0/agent/sbin/nmosudo
oem ALL = (root) /usr/bin/id, /opt/oracle/product/12.1.0/agent/ADATMP_[0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]_[0-9][0-9]-[0-9][0-9]-[0-9][0-9]-[AP]M/agentdeployroot.sh, /opt/oracle/product/12.1.0/agent/core/12.1.0.1.0/root.sh

Especially the Defaults line is priceless…