Movere uses secure shell (SSH) to execute bash commands remotely. The Linux user account used must be able to execute these commands from the device the Movere Console is being run from.
The Linux commands Movere uses include:
- uname: This command serves two roles: 1) confirming the devices name, and, 2) identifying the device’s architecture (32- vs 64 bit) to determine which Movere Linux bot to use to scan the device.
- pidof: This command checks to see if a Movere Linux bot is already running on the device. If there is one, then it returns the bot’s process ID.
- kill: This command is only used if the pidof command finds a Movere bot already running on the device. If there is, then it is terminated so that a new scan can be started. This is mostly used when a customer runs a Linux PoC and starts ARC’ing for three days, then after just one day they want to start a Linux ARC scan for 30 days. Instead of waiting another two days and starting a new scan, a new Linux scan can simply be started any time and the prior scan will be terminated in favor of the new one. On the Windows platform, the user needs to break the token and wait 20+ mins for the Windows bots to dissolve, then they can start a new one.
- which: This command identifies the location of the commands Movere will attempt to use. You could use this command: ‘which uname, pidof, sudo, kill, chmod, nohup’ to find the location of each. If a location is returned for each then that user account will be able to run a Movere Linux scan.
- nohup: This command is used because the Movere Linux bot runs in the background by default. If the user logs out from the session, or their connection is prematurely terminated, then the process will be terminated or hung up. This command keeps that from happening.
- chmod: This command makes the Movere Linux bot executable on the system being scanned. If the user account can change the bot’s mode to executable ‘chmod 755’ then the bot will run. If they cannot, then the scan will not start.
- sudo: This command elevates the user to admin. This is NOT required. The only data point Movere may not capture if sudo is not available is the target device’s UUID/serial number. This is NOT a mandatory field, and is only used to link VMs when the devices are cloned, and the clone is given the same fully-qualified name and MAC address as the original (this rarely occurs).
Once the Movere Linux bot is made executable, it will then use the following commands locally on the targeted device to collect the required inventory and resource consumption data:
- lsb. cat, whoami, hostname, grep, lshal, awk, dmidecode, ifconfig (usually /sbin/ifconfig), ip (usually /sbin/ip), lsblk, df, ps, dpkg-query, rpm, test, find, netstat, gpg, gpg2
NOTE: These commands are not run during each Linux scan; some depend on the output of a previous command.