Secure Data Connector (Deprecated)

Secure Data Connector Developer's Guide: Installing

The Secure Data Connector (SDC) is an open source downloadable application that enables authorized Google Apps users to access resources from behind a firewall.

The information in this section helps you install, start, and stop the SDC on Linux.

For system requirement information, see Prerequisites in the Overview.

Contents

  1. Installing SDC from a Debian Package
  2. Installing SDC from a Binary Archive
  3. Building SDC from Source on RHEL/CentOS/Fedora
  4. Building SDC from Source on Debian/Ubuntu

Installing SDC from a Debian Package

This is useful for users of Debian or its popular derivative Ubuntu.

Requirements:

To install SDC:

  1. Download the following SDC Debian package from
    http://code.google.com/p/google-secure-data-connector/downloads/list
    :
    google-secure-data-connector_<version>-<release>_all.deb
  2. Acquire root permissions with the sudo -s command to perform the installation operations.
  3. If not already installed, install Java JRE 1.6.
    You can use the following command to install this software:
    apt-get install sun-java6-jre
  4. Install the SDC Debian package:
    dpkg -i google-secure-data-connector_<version>-<release>_all.deb

See Configuring for how to set up and configure SDC for site-specific settings.

Installing SDC from a Binary Archive

This is useful for Linux users who do not want to manually compile SDC. It assumes that you will extract the provided archive to a secure location and manage that yourself outside of your distribution's package management framework.

Requirements:

To install SDC:

  1. Download the following SDC ZIP archive from
    http://code.google.com/p/google-secure-data-connector/downloads/list
    :
    google-secure-data-connector_<version>-<release>.zip
  2. If not already installed, install Java JRE 1.6. You will need to follow your Linux vendor's instructions on how to do this.
  3. Extract the archive to a secured location.
    SDC=/opt/google/secure-data-connector/<version>
    SDC_ARCHIVE=/tmp/google-secure-data-connector-<version>-<release>.zip
    
    sudo mkdir -vp "${SDC}"
    
    cd "${SDC}"
    
    sudo unzip -v "${SDC_ARCHIVE}"
      
    The location /opt/google/secure-data-connector/<version> is recommended per proper systems administration hygiene of the Linux Filesystem Hierarchy Standard.
  4. Set the requisite permissions for the installed location.

    Pre-compiled SDC binary archives default to using the user daemon. This can be changed by modifying bin/runclient.sh, uncommenting the OVERRIDE_USER and OVERRIDE_GROUP directives and setting them to a site-specific value—e.g., securedataconnector. See the following snippet from bin/runclient.sh for how to accomplish such an override.

    # $Id: runclient.sh-dist 508 2009-11-11 01:11:52Z matt.proud $
    
    # For local modifications, please set these variables here.
    OVERRIDE=USER=securedataconnector
    OVERRIDE_GROUP=securedataconnector
    # OVERRIDE_JAVABIN=
    # OVERRIDE_LIBDIR=
    # OVERRIDE_RUNDIR=
    # OVERRIDE_SYSCONFDIR=
      

    Should you decide to override, it is recommended that you create a separate, secured user account solely for SDC.

    Now that you have decided which user to run SDC as, set the permissions:

    # These values could differ if you choose to override the defaults.
    
    USER=daemon
    GROUP=daemon
    
    # Set the ownership for the installed package.
    sudo chown -R ${USER}:${GROUP} "${SDC}"
    
    # Set the permissions of the configurations such that nobody else can read them.
    sudo chmod u=rw,g=r,o= "${SDC}/etc"/*
    
    # Set the permissions to be fundamentally restrictive to prevent intrusion.
    # Owner may read, write, or change into directory.  Group may read or change
    # into directory.  Others may not enter or enumerate directory contents.
    sudo chmod u=rwx,g=rx,o= "${SDC}"
    
    # Set the sticky bit on all SDC directories as to ensure that only the owner
    # may delete or rename files.
    sudo find "${SDC}/" -type d -exec chmod +t '{}' ';'
    
    # Set the setuid and setgid bit on the directories to ensure that all new files
    # are created under the base owner's aegis.
    sudo find "${SDC}/" -type d -exec ug+s '{}' ';'
      

See Configuring for how to set up and configure SDC for site-specific settings.

Building SDC from Source on RHEL/CentOS/Fedora

This is useful for users of Red Hat Enterprise Linux, CentOS, or Fedora.

Requirements:

To build SDC from source:

  1. Download the following SDC source package from
    http://code.google.com/p/google-secure-data-connector/downloads/list
    :
    google-secure-data-connector-<version>-<release>-src.tar.gz
  2. Acquire root permissions with the sudo -s command to perform the installation operations.
  3. Download Java JDK v6 RPM and install:
    chmod 755 jdk-6u12-linux-i586-rpm.bin
    ./jdk-6u12-linux-i586-rpm.bin
  4. Download Apache Ant 1.7 and install:
    mkdir ~/ant
    tar -xzf apache-ant-1.7.1-bin.tar.gz -C ~/ant
    PATH=$PATH:~/ant/apache-ant-1.7.1/bin
  5. Download SDC source files and extract to ~/source:
    mkdir ~/source
    tar -xzf google-secure-data-connector-*-src.tar.gz -C ~/source
    cd ~/source/data-connector
  6. Create local accounts to run the SDC:
    adduser --home-dir=/home/securedataconnector --shell=/bin/bash securedataconnector
    
  7. Run the configuration script to create the proper build and installation file:
    ./configure.sh --user=securedataconnector --group=securedataconnector
    • Installs to the Linux Standard Base paths.
    • Run as the user securedataconnector

  8. If enabled, disable SELinux. Running on a system enabled for SELinux is not supported.
    If SELinux is enabled, follow these steps to disable it:
    setup
    Select Firewall configuration
    Select Run Tool
    Select SELinux: Permissive
    Select Ok
    Select Quit
    
  9. Build and install SDC using the following command:
    ant install

See Configuring for how to setup configure SDC for site-specific settings.

Building SDC from Source on Debian/Ubuntu

This is useful for users of Debian or its popular derivative Ubuntu.

Requirements:

To build SDC from source on Ubuntu:

  1. Download the following SDC source package from
    http://code.google.com/p/google-secure-data-connector/downloads/list:
    google-secure-data-connector-<version>-<release>-src.tar.gz
  2. Acquire root permissions with the sudo -s command to perform the installation operations.
  3. Download the Java JDK v6 RPM and install using the following command:
    apt-get install sun-java6-jdk

    Note: On older distributions of Ubuntu, you may need install back ports of the sun-java6-jdk using apt or download the ports from Sun at http://java.sun.com/javase/downloads/index.jsp.

    Use a text editor such as vim to edit /etc/apt/source.list and uncomment out the back port sources and save the apt-get update.

  4. Download Ant 1.7 and install using the following commands:
    mkdir ~/ant
    tar -xzf apache-ant-1.7.1-bin.tar.gz -C ~/ant
    PATH=$PATH:~/ant/apache-ant-1.7.1/bin
  5. Extract the SDC source files using the following commands:
    mkdir ~/source
    tar -xzf google-secure-data-connector-*-src.tar.gz -C ~/source
    cd ~/source/data-connector
  6. Create local accounts to run the SDC:
    adduser --home-dir=/home/securedataconnector --shell=/bin/bash securedataconnector
    

    Note: The user name woodstock-user is required. The home directory path is based on the installation prefix defined when you build the source. This example user home directory is based on using the --lsb default install path. If you skip this step when you run the Ant install process, it will provide you with the proper adduser example based on your install prefix.

  7. Run the configuration script to create the proper build and installation file:
    ./configure.sh --user=securedataconnector --group=securedataconnector
    • Installs to the Linux Standard Base paths.
    • Run as the user securedataconnector

  8. Build and install SDC using the following command:
    ant install

See Configuring for how to setup configure the SDC with site-specific settings.

Authentication required

You need to be signed in with Google+ to do that.

Signing you in...

Google Developers needs your permission to do that.