Interactive Versus Packaged Installation

All Endpoint Privilege Management for Unix and Linux flavors can be installed by using an interactive program that presents you with a series of options. Your choices determine the details of the Endpoint Privilege Management for Unix and Linux installation for a particular host.

The client registration facility can be used to automate the installation of new clients by downloading the default configuration from the primary license server. Options are defaulted within the interactive installation, and shared encryption keys are copied over.

For certain flavors, Endpoint Privilege Management for Unix and Linux can be installed by using package installers. Package installers enable you to choose the options once, and then install that configuration of Endpoint Privilege Management for Unix and Linux non-interactively on multiple identical hosts. Using package installers also takes advantage of the operating system’s installation management system, which tracks the source of installed files and enables their safe removal.

For more information, see Supported Platforms.

Interactive and Packaged Installations on the Same Computer

Although it is possible to combine interactive and packaged Endpoint Privilege Management for Unix and Linux installations on the same computer, we do not recommend this practice. If both interactive and packaged installations are present, and you remove the packaged installation, the shared libraries are removed even though they are needed by the interactive installation. This behavior is inherent in all package installations and is not specific to Endpoint Privilege Management for Unix and Linux.

In the case of SELinux, if you attempt to perform a package installation on a computer that already has an interactive installation present, the package installation is not allowed. The reason for this limitation is that the SELinux Endpoint Privilege Management for Unix and Linux packages can fail to install because RPM does not have the permissions to change SELinux file types that are already installed.

If you must combine interactive and packaged Endpoint Privilege Management for Unix and Linux installations on the same computer, follow these recommendations:

  • For the interactive installation, use a prefix and suffix installation.
  • Install the shared libraries for the interactive and packaged installations in separate directories, by doing one of the following:
    • In the interactive installation, specify an alternative shared library directory with the BeyondTrust built-in third-party library directory menu item.
    • Use the relocatable base directory feature of the package installer.

Endpoint Privilege Management for Unix and Linux SELinux policies are no longer provided. When installing Endpoint Privilege Management for Unix and Linux on Red Hat Enterprise Linux (RHEL) 5 with SELinux enabled and using the targeted policy, Endpoint Privilege Management binaries run unconfined.

Prefix and Suffix Installations

Endpoint Privilege Management for Unix and Linux can be installed with prefixes or suffixes to create unique installations for multiple installs or for ease of identification.

Prefixes and suffixes cannot be used with any of the package installers.

For instructions about using prefixes and suffixes for an Endpoint Privilege Management for Unix and Linux installation, see Prefix and Suffix Installation Instructions.