Linux Agent Installation Checklist
Before Installation
Complete the following steps before you install the agent.
Verify that the Lacework agent supports the distribution installed on your machine. For more information, see Supported Operating Systems.
Verify that your machine can connect to the internet, and your proxy and firewall applications allow access to the URLs listed in Connectivity Requirements.
Use sed (GNU sed) version 4.2.2 or higher in the procedures.
Download the release package
release.tgz
(replacerelease
with the agent release number),checksum_sha256.txt
, andchecksum_sha256.txt.asc
files for a release from the Lacework Agent GitHub repository.- Go to Lacework Agent GitHub repository.
- Click Releases on the right frame to view the available agent releases.
- Find a release and click release.tgz (replace
release
with the agent release number) to download the file that contains the agent installer for the release. - For the same release, click on the checksum_sha256.txt and the checksum_sha256.txt.asc files to download the files.
- Create a temporary directory such as
~/lacework
and move therelease.tgz
,checksum_sha256.txt
, andchecksum_sha256.txt.asc
files to that directory.
Verify that the checksum in the
checksum_sha256.txt
file matches the checksum of therelease.tgz
file.- In a terminal window, go to the
~/lacework
directory.cd ~/lacework
- Verify that the release.tgz matches the checksum.If the verification is successful, the command displays
shasum -c checksum_sha256.txt
OK
.
- In a terminal window, go to the
Verify that the checksum is signed correctly.
Download the Lacework agent GPG key.
gpg --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 360D55D76727556814078E25FF3E1D4DEE0CC692
For RPM-based systems, use the following commands to download the GPG key:
wget https://packages.lacework.net/RPM-GPG-KEY-lacework
rpm --import RPM-GPG-KEY-laceworkVerify the signature.
gpg --verify checksum_sha256.txt.asc
If the verification is successful, the following is displayed:
gpg: assuming signed data in 'checksum_sha256.txt'
gpg: Signature made <TIMESTAMP>
gpg: using RSA key 360D55D76727556814078E25FF3E1D4DEE0CC692
gpg: Good signature from "Lacework Inc. <support@lacework.net>"
Unzip the
release.tgz
(replacerelease
with the agent release number) file into a temporary directory.Create an agent access token using the instructions in Create Agent Access Token.
In the Lacework Console, click the ... icon in the row for the token and select Copy to copy the access token for use during the installation process.
During Installation
- Install the agent only on the host on which containers are provisioned. Installing the agent on a host and also on any containers running on the host will result in increased memory and CPU usage proportional to the number of agents installed. This may cause significant resource usage on the host and degrade general system performance.