Installation Directories

Privilege Management for Unix and Linux is not sensitive about the location of its binary files; you can place them in any convenient directory. However, there are a few points to consider when you are selecting installation directories:

  • It is important to install the Privilege Management for Unix and Linux pbrun and pbssh programs in a directory that is in the user’s path.
  • Online manuals (such as user man pages and Privilege Management for Unix and Linux documentation) should be accessible from every computer to enable users to get online help for Privilege Management for Unix and Linux programs.

Default Directories

The following table lists various Privilege Management for Unix and Linux components and their locations. The installation script uses these locations by default, but you can change them during installation. Usually /usr/local/bin is used for user programs and /usr/sbin for administrator and daemon programs (depending on the platform).

Default Directories for Privilege Management for Unix and Linux Components

Directory Files Description
/etc (v9.4.1 and earlier) /opt/pbul/policies (v9.4.3+) pb.conf

Default policy. Includes /etc/pb/pbul_policy.conf (v9.4.1 and earlier)

/opt/pbul/policies/pbul_policy.conf (v9.4.3+)

/etc/pb (v9.4.1 and earlier)

/opt/pbul/policies (v9.4.3+)

pbul_policy.conf

Main policy containing the following roles:

  • Helpdesk role
  • PBTest (connectivity test)
  • Controlled Shells
  • Admin Role- Demo Role

/etc/pb (v9.4.1 and earlier)

/opt/pbul/policies (v9.4.3+)

pbul_functions.conf Functions and procedures implementing the roles in pbul_policy.conf
/etc pb.key Encryption key
  pb.settings Privilege Management for Unix and Linux configuration file (server-side component)
  pbsudo.settings Privilege Management for Unix and Linux configuration file(client component)
/usr/adm, /var/adm, or /var/log pb.eventlog Default event log file
  pbguid.log GUI diagnostic log file
  pblocald.log pblocald diagnostic log file
  pblogd.log pblogd diagnostic log file
  pbmasterd.log pbmasterd diagnostic log file
  pbrun.log pbrun diagnostic log file
  pbssh.log pbssh diagnostic log file
  pbsguid.log Secure GUI diagnostic log file
  pbsync.log pbsync diagnostic log file
  pbsyncd.log pbsyncd diagnostic log file
/usr/local/bin pbbench Utility
  pbcall Utility
  pbksh Utility
  pbless Utility
  pbmg Utility
  pbnvi Utility
  pbrun Utility
  pbssh Utility
  pbumacs Utility
  pbsh Utility
  pbvi Utility
/usr/local/lib/pbbuilder   Contains the various GUI and pbguid components. Do not make any changes in this directory.
/usr/sbin pbdbutil Utility providingPrivilege Management database maintenance.
  pbcheck Utility
  pbencode Utility
  pbguid Daemon
  pbkey Utility
  pblocald Daemon
  pblog Utility
  pblogd Daemon
  pbmasterd Daemon
  pbpasswd Utility
  pbreplay Utility
  pbsum Utility
  pbsync Utility
  pbsyncd Daemon
  pbversion Utility
/opt/pbul/dbs pbsudo.db Database files generated and used by Privilege Management for Unix and Linux
  pbsvc.db  
  pbsvccache.db  
  pbdbsync.db  
  pbregclnt.db  
  pbrbpolicy.db  
  pbevent.db  
  pbfim.db  
  pbrstkeys.db  
  pblogarchive.db  
  pblogcache.db  

The default log directory varies by platform to match that platform’s conventions. The directories /usr/adm, /var/adm, and /var/log are used interchangeably throughout as the default location of the Privilege Management for Unix and Linux log files.