Installation Environment Setup
Preparing Command Dependencies
- For open-source and third-party dependency software integrated by users, track the vulnerabilities and issues in the corresponding community and fix them in a timely manner. You can confirm the known vulnerabilities of the corresponding open-source software version on the CVE official website, and fix the vulnerabilities through version upgrade or patch package update.
- Open-source and third-party software supports insecure items, such as cryptographic algorithm suites (e.g. cipher suite that contains the CBC symmetric cryptographic algorithm), protocols (e.g. TLS 1.0 and TLS 1.1), and all-zero listening. Before using them, perform strict security hardening and fix related issues.
The following dependencies must exist in the environment. For details about some installation modes, see Installing Command Dependencies.
Dependency |
Description |
Command Check |
|---|---|---|
cat |
Reads and merges files and writes their contents to the standard output. |
A built-in system command. If this command is damaged, manually replace the binary file to ensure that it is available. |
arch |
Obtains system architecture information. |
A built-in system command. If this command is damaged, manually replace the binary file to ensure that it is available. |
file |
Obtains file information. |
A built-in system command. If this command is damaged, manually replace the binary file to ensure that it is available. |
docker |
Executes the docker command. |
Run the docker command to check whether Docker has been installed. If the docker command exists, Docker has been installed. If no Docker group exists in the environment, run the groupadd -g docker command to create a Docker group. |
dmidecode |
Obtains host hardware information through the DMI. |
Run the dmidecode command to check whether dmidecode has been installed. If the dmidecode command exists, dmidecode has been installed. |
systemctl |
Manages system services. |
Run the systemctl command to check whether systemctl has been installed. If the systemctl command exists, systemctl has been installed. |
useradd |
Creates a user account. |
Run the useradd command to check whether useradd has been installed. If the useradd command exists, useradd has been installed. |
iptables |
Processes and forwards network packets. |
Run the iptables command to check whether iptables has been installed. If the iptables command exists, iptables has been installed. |
(Optional) haveged |
KMC encryption depends on random numbers. To prevent exhaustion of random numbers, you are advised to install haveged. |
Run the ps -axu | grep haveged command to check whether haveged has been installed. If havaged is displayed in the command output, it has been installed and you do not need to install it again. |
(Optional) sqlite |
Backs up a database to prevent it from being damaged during database backup or restoration. |
Run the sqlite3 command to check whether sqlite has been installed. If the sqlite3 command exists, sqlite has been installed. |
(Optional) rsync |
Backs up logs to prevent logs in the temporary file system from being lost due to device restart. |
Run the rsync command to check whether rsync has been installed. If the rsync command exists, rsync has been installed. |