Interactive Versus Packaged Installation

All Privilege Management for Unix and Linux flavors can be installed by using an interactive program that presents you with a series of options. Your choices determine the details of the Privilege Management for Unix and Linux installation for a particular host.

The client registration facility can be used to automate the installation of new clients by downloading the default configuration from the primary license server. Options are defaulted within the interactive installation, and shared encryption keys are copied over.

For certain flavors, Privilege Management for Unix and Linux can be installed by using package installers. Package installers enable you to choose the options once, and then install that configuration of Privilege Management for Unix and Linux non-interactively on multiple identical hosts. Using package installers also takes advantage of the operating system’s installation management system, which tracks the source of installed files and enables their safe removal.

Package installers are available for the following flavors:

  • Solaris 9, 10, and 11 on x86 and SPARC
  • Red Hat Enterprise Linux 5, 6, and 7 on x86, x86_64, ia64, and S/390
  • AIX 5.3, 6.1, and 7.1+ on a POWER 64-bit computer.
  • HP-UX 11i v2 and 11i v3.

AIX package installers are compatible with or without workload partitions (WPARs). WPARs exist only in AIX v6.1+.

Interactive and Packaged Installations on the Same Computer

Although it is possible to combine interactive and packaged Privilege Management for Unix and Linux installations on the same computer, we do not recommend this practice. If both interactive and packaged installations are present, and you remove the packaged installation, the shared libraries are removed even though they are needed by the interactive installation. This behavior is inherent in all package installations and is not specific to Privilege Management for Unix and Linux.

In the case of SELinux, if you attempt to perform a package installation on a computer that already has an interactive installation present, the package installation is not allowed. The reason for this limitation is that the SELinux Privilege Management for Unix and Linux packages can fail to install because RPM does not have the permissions to change SELinux file types that are already installed.

If you must combine interactive and packaged Privilege Management for Unix and Linux installations on the same computer, follow these recommendations:

  • For the interactive installation, use a prefix and suffix installation.
  • Install the shared libraries for the interactive and packaged installations in separate directories, by doing one of the following:
    • In the interactive installation, specify an alternative shared library directory with the BeyondTrust built-in third-party library directory menu item.
    • Use the relocatable base directory feature of the package installer.

Privilege Management for Unix and Linux SELinux policies are no longer provided. When installing Privilege Management for Unix and Linux on Red Hat Enterprise Linux (RHEL) 5 with SELinux enabled and using the targeted policy, Privilege Management binaries run unconfined.

Prefix and Suffix Installations

Privilege Management for Unix and Linux can be installed with prefixes or suffixes to create unique installations for multiple installs or for ease of identification.

Prefixes and suffixes cannot be used with any of the package installers.

For instructions about using prefixes and suffixes for a Privilege Management for Unix and Linux installation, please see Prefix and Suffix Installation Instructions.