Basic pbinstall Information

The following list provides basic information about the pbinstall script:

  • The pbinstall script is located in the Privilege Management for Unix and Linux distribution in the powerbroker/<version>/<flavor>/install directory.
  • pbinstall can be run from a Privilege Management for Unix and Linux distribution CD or from an unpacked tar file. The pbinstall install script guides you through the installation and enables you to specify which Privilege Management for Unix and Linux components to install.
  • Run pbinstall on each machine that needs Privilege Management for Unix and Linux components installed.
  • Superuser authority is required to run pbinstall. Before running pbinstall, either log on as root or use the su command to acquire root privileges.
  • pbinstall can be run with various options.

For more information, please see Installation Programs.

Navigate the pbinstall Menu and Choose Option Values

The pbinstall script presents options in a numbered menu. Because of the large number of options, the menu is divided into pages. You use the navigation characters listed below to navigate the pages. To use a navigation character, type the character and press Enter.

The navigation characters are as follows:

  • C: Continue installation
  • N: Next menu page
  • P: Previous menu page
  • R: Redraw menu (not shown due to space limitations)
  • X: Exit script without performing any configuration

To set the value of a menu option, type the number for that option and press Enter. Specify the value for the option and press Enter. For Yes and No options, you can specify N, n, Y, or y.

You might also see the following prompts, which are synonymous:

  • Press return to continue
  • Hit return to continue

Review the messages preceding these prompts on the screen. Press Return, Enter, <carriage return>, or <line feed> for the installation process to continue.

pbinstall Installation Menu Conventions

Conventions for the pbinstall installation menu include the following:

  • Some options are displayed only if other options or the system configuration allow them.
  • The item numbers vary with the configuration of the installation target system.
  • The step numbers for the basic Privilege Management for Unix and Linux installation instructions do not necessarily match the option numbers in the pbinstall installation script.
  • If the current value of an option forces the line to be longer than 80 characters, the value within the square brackets is truncated and appended with ellipsis (…).
  • Menu pages are limited to a maximum of 18 items. To view additional options, use the navigation characters: N (for next page) or P (for previous page).
  • The values that are shown in the installation menu are examples and not necessarily the defaults or recommended values for your system. Your defaults and existing values (on a re-installation) will appear in the appropriate places when pbinstall executes.
  • Yes and No answers are not case-sensitive and may be abbreviated as y and n.
  • pbinstall is designed for 24 line by 80 column displays. Using a larger display is also supported.
  • pbinstall does not support smaller displays.
  • Although white space, line terminators, and shell (sh) meta characters are usually allowed in file and directory names, Privilege Management for Unix and Linux does not support them. Do not use them in Privilege Management for Unix and Linux file or directory names.

Installation Events Using pbinstall

When pbinstall runs, the following actions occur:

  • If client registration is used:
    • The /etc/pb.settings file is downloaded from the primary license server.
    • The /etc/pb.key (or equivalent) is downloaded from the primary license server.
  • If SSL is enabled the SSL server certificates are downloaded from the primary license server.
    • The REST services daemon (pbconfigd) is installed and configuration made to the operating system to enable service management through the native operating system service manager. REST services are not fully supported on macOS.
  • The /etc/pb.settings file is created. It contains various parameters and settings that Privilege Management for Unix and Linux uses at run time. Privilege Management for Unix and Linux cannot run without this file.
  • The installation process also creates a work file, /etc/pb.cfg. The pb.cfg file is used to locate the Privilege Management for Unix and Linux components during upgrades and uninstalls.
  • The /etc/pb.key file is created. It stores the encryption key. This step is completed only if the Privilege Management for Unix and Linux encryption option is selected.
  • If you choose to add entries to /etc/services, then the following two steps are performed:
    • The /etc/services file is backed up to /etc/services.sybak.####. The installation script backs up files using the name format {original_name}.sybak.####, where #### is a number between 0000 and 9999. By default, up to 10 of these files are kept in the directory. This backup method is especially advantageous when performing multiple installations and uninstalls.
    • Entries are added to the /etc/services file for pbmasterd, pblocald, pblogd, pbguid, and pbsguid.
  • If the system uses inetd.conf for superdaemon configuration, then the following three steps are performed. If the system uses xinetd.conf, then similar steps are performed.
    • The /etc/inetd.conf file is backed up to a file called: /etc/inetd.sybak.####.
    • Entries are added to the inetd.conf file. These entries enable inetd to start instances including:
      • pbmasterd: Validate a monitored task request.
      • pblocald: Execute a monitored task request that has been accepted by pbmasterd.
      • pblogd: Perform logging.
      • pbguid: Run the Privilege Management for Unix and Linux administration GUI.
      • pblighttpd: Run Privilege Management REST services. REST Services are not fully supported on macOS.
    • The inetd superdaemon restarts.
  • The appropriate Privilege Management for Unix and Linux programs and online man pages are copied to the specified installation directories.
  • During the installation, you have the option to view the generated install script. This option is only for troubleshooting by BeyondTrust Technical Support; the generated install script contains thousands of lines of code.