Basic pbinstall Information
The following list provides basic information about the pbinstall script:
- The pbinstall script is located in the Endpoint Privilege Management for Unix and Linux distribution in the powerbroker/<version>/<flavor>/install directory.
- pbinstall can be run from an Endpoint Privilege Management for Unix and Linux distribution CD or from an unpacked tar file. The pbinstall install script guides you through the installation and enables you to specify which Endpoint Privilege Management for Unix and Linux components to install.
- Run pbinstall on each machine that needs Endpoint Privilege Management for Unix and Linux components installed.
- Superuser authority is required to run pbinstall. Before running pbinstall, either log on as root or use the su command to acquire root privileges.
- pbinstall can be run with various options.
For more information, see Installation Programs.
Navigate the pbinstall Menu and Choose Option Values
The pbinstall script presents options in a numbered menu. Because of the large number of options, the menu is divided into pages. You use the navigation characters listed below to navigate the pages. To use a navigation character, type the character and press Enter.
The navigation characters are as follows:
- C: Continue installation
- N: Next menu page
- P: Previous menu page
- R: Redraw menu (not shown due to space limitations)
- X: Exit script without performing any configuration
To set the value of a menu option, type the number for that option and press Enter. Specify the value for the option and press Enter. For Yes and No options, you can specify N, n, Y, or y.
You might also see the following prompts, which are synonymous:
- Press return to continue
- Hit return to continue
Review the messages preceding these prompts on the screen. Press Return, Enter, <carriage return>, or <line feed> for the installation process to continue.
pbinstall Installation Menu Conventions
Conventions for the pbinstall installation menu include the following:
- Some options are displayed only if other options or the system configuration allow them.
- The item numbers vary with the configuration of the installation target system.
- The step numbers for the basic Endpoint Privilege Management for Unix and Linux installation instructions do not necessarily match the option numbers in the pbinstall installation script.
- If the current value of an option forces the line to be longer than 80 characters, the value within the square brackets is truncated and appended with ellipsis (…).
- Menu pages are limited to a maximum of 18 items. To view additional options, use the navigation characters: N (for next page) or P (for previous page).
- The values that are shown in the installation menu are examples and not necessarily the defaults or recommended values for your system. Your defaults and existing values (on a re-installation) will appear in the appropriate places when pbinstall executes.
- Yes and No answers are not case-sensitive and may be abbreviated as y and n.
- pbinstall is designed for 24 line by 80 column displays. Using a larger display is also supported.
- pbinstall does not support smaller displays.
- Although white space, line terminators, and shell (sh) meta characters are usually allowed in file and directory names, Endpoint Privilege Management for Unix and Linux does not support them. Do not use them in Endpoint Privilege Management for Unix and Linux file or directory names.
For more information, see the following:
- On a basic installation, Step-by-Step Instructions for a Basic Installation Using pbinstall
- On advanced installation options, Advanced Installation Instructions Using pbinstall
- Endpoint Privilege Management for Unix and Linux Sudo Manager Administration Guide
Installation Events Using pbinstall
When pbinstall runs, the following actions occur:
- If client registration is used:
- The /etc/pb.settings file is downloaded from the primary license server.
- The /etc/pb.key (or equivalent) is downloaded from the primary license server.
- If SSL is enabled the SSL server certificates are downloaded from the primary license server.
- The REST services daemon (pbconfigd) is installed and configuration made to the operating system to enable service management through the native operating system service manager.
- The /etc/pb.settings file is created. It contains various parameters and settings that Endpoint Privilege Management for Unix and Linux uses at run time. Endpoint Privilege Management for Unix and Linux cannot run without this file.
- The installation process also creates a work file, /etc/pb.cfg. The pb.cfg file is used to locate the Endpoint Privilege Management for Unix and Linux components during upgrades and uninstalls.
- The /etc/pb.key file is created. It stores the encryption key. This step is completed only if the Endpoint Privilege Management for Unix and Linux encryption option is selected.
- If you choose to add entries to /etc/services, then the following two steps are performed:
- The /etc/services file is backed up to /etc/services.sybak.####. The installation script backs up files using the name format {original_name}.sybak.####, where #### is a number between 0000 and 9999. By default, up to 10 of these files are kept in the directory. This backup method is especially advantageous when performing multiple installations and uninstalls.
- Entries are added to the /etc/services file for pbmasterd, pblocald, pblogd, pbguid, and pbsguid.
- If the system uses inetd.conf for superdaemon configuration, then the following three steps are performed. If the system uses xinetd.conf, then similar steps are performed.
- The /etc/inetd.conf file is backed up to a file called: /etc/inetd.sybak.####.
- Entries are added to the inetd.conf file. These entries enable inetd to start instances including:
- pbmasterd: Validate a monitored task request.
- pblocald: Execute a monitored task request that has been accepted by pbmasterd.
- pblogd: Perform logging.
- pblighttpd: Run Endpoint Privilege Management REST services.
- The inetd superdaemon restarts.
- The appropriate Endpoint Privilege Management for Unix and Linux programs and online man pages are copied to the specified installation directories.
- During the installation, you have the option to view the generated install script. This option is only for troubleshooting by BeyondTrust Technical Support; the generated install script contains thousands of lines of code.
