Endpoint Privilege Management for Unix and Linux pbinstall Installation Menu
The pbinstall script is a comprehensive list of the installation menu options and default prompts. The items displayed vary depending on your system, options selected, and any settings that are found from a current or removed Endpoint Privilege Management for Unix and Linux installation. The values used here are for demonstration purposes and are not necessarily the defaults or recommended values for a given installation.
The following list shows all the menu options. However, the menu option numbers that you see might differ from this list, depending on your Endpoint Privilege Management for Unix and Linux flavor.
| Opt | Description | [Value] |
|---|---|---|
|
1 |
Install Everything Here (Demo Mode)? | [yes] |
|
2 |
Install License Server? | [yes] |
|
3 |
Install Registry Name Services Server? | [no] |
|
4 |
Install Client Registration Server? | [yes] |
|
5 |
Install Policy Server Host? | [yes] |
|
6 |
Allow Policy & Log Caching? | [yes] |
|
7 |
Enable Role-Based Policy? | [yes] |
|
8 |
Install Run Host? | [yes] |
|
9 |
Install Submit Host? | [yes] |
|
10 |
Enable Policy & Logs Caching for client? | [yes] |
|
11 |
Install PBSSH? | [yes] |
|
12 |
Install sudo Policy Server? | [yes] |
|
13 |
Install Log Host? | [yes] |
|
14 |
Enable Logfile Tracking and Archiving? | [yes] |
|
15 |
Is this a Log Archiver Storage Server? | [yes] |
|
16 |
Is this a Log Archiver Database Server? | [yes] |
|
17 |
Install File Integrity Monitoring Policy Server? | [yes] |
|
18 |
Install REST Services? | [yes] |
|
19 |
List of License Servers? | [kandor] |
|
20 |
Central License | [] |
|
21 |
Enable License History? | [no] |
|
22 |
Installation base directory? | [/opt/pbul] |
|
23 |
Database directory? | [/opt/pbul/dbs] |
|
24 |
Path to Password Safe 'pkrun binary' | [] |
|
25 |
Password Safe certificate file | [] |
|
26 |
Primary failover Password Safe appliances | [] |
|
27 |
Support short names in Password Safe certificate? | [no] |
|
28 |
Install Synchronization program? | [yes] |
|
29 |
Install Utilities: pbvi, pbnvi, pbmg, pbumacs, pbless | [yes] |
|
30 |
Install pbksh? | [yes] |
|
31 |
Install pbsh? | [yes] |
|
32 |
Install man pages? | [yes] |
|
33 |
Will this host use a Log Host? | [yes] |
|
34 |
AD Bridge Integration? | [yes] |
|
35 |
Install AD Bridge? | [no] |
|
36 |
Enable failover event logging to AD Bridge? | [yes] |
|
37 |
Enable successful connection event logging to AD Bridge? | [yes] |
|
38 |
Enable event logging to AD Bridge? | [no] |
|
39 |
AD Bridge shared libraries | [/opt/pbis/lib64/libeventlo...] |
|
40 |
Integration with BeyondInsight? | [yes] |
|
41 |
Send event log records to BeyondInsight? | [yes] |
|
42 |
BeyondInsight hostname | [none] |
|
43 |
BeyondInsight Workgroup ID | [BeyondTrust Workgroup] |
|
44 |
BeyondInsight SSL port number | [443] |
|
45 |
BeyondInsight SSL Client Certificate | [none] |
|
46 |
BeyondInsight SSL CA file | [none] |
|
47 |
Index IO Logs using Solr? | [yes] |
|
48 |
Solr hostname | [none] |
|
49 |
Solr SSL port number | [8443] |
|
50 |
Solr SSL CA file | [none] |
|
51 |
Solr SSL Client key file | [none] |
|
52 |
Solr SSL Client Certificate file | [none] |
|
53 |
Registry Name Service database path? | [/opt/pbul/dbs/pbsvc.db] |
|
54 |
Client Registry database path? | [/opt/pbul/dbs/pbregclnt.db] |
|
55 |
sudo policy database file path and filename? | [/opt/pbul/dbs/pbsudo.db] |
|
56 |
Directory location for sudo policy files? | [/opt/pbul/sudoersdir] |
|
57 |
Synchronization program can be initiated from this host? | [yes] |
|
58 |
Daemons location | [/usr/sbin] |
|
59 |
Number of reserved spaces for submit process information of pbmasterd, pblogd, and pblocald | [80] |
|
60 |
Administration programs location | [usr/bin] |
|
61 |
User programs location | [usr/local/bin] |
|
62 |
Policy include (sub) file directory | [/opt/pbul/policies] |
|
63 |
Policy file name | [/opt/pbul/policies/pb.conf] |
|
64 |
User man page location | [/usr/local/man/man1] |
|
65 |
Admin man page location | [/usr/local/man/man8] |
|
66 |
Log Archive Storage Server name | [] |
|
67 |
Log Archive destination directory? | [/var/log/pblogarchive] |
|
68 |
Log Archiver Database Server name | [] |
|
69 |
Log Tracking Database file path and filename? | [/opt/pbul/dbs/pblogarchive.db] |
|
70 |
Enable Caching of Log Locations? | [yes] |
|
71 |
Event Logfile Name Cache Database file path? | [/opt/pbul/dbs/pblogcache.db] |
|
72 |
I/O Logfile Name Cache Database file path? | [/opt/pbul/dbs/pbiologcache.db] |
|
73 |
REST Service installation directory? | [/usr/lib/beyontrust/pb/rest] |
|
74 |
Install REST API sample code? | [no] |
|
75 |
REST API sample code directory? | [/usr/local/lib/pbrest] |
|
76 |
Pblighttpd user | [pblight] |
|
77 |
Create Pblighttpd user? | [yes] |
|
78 |
Pblighttpd user UID | [] |
|
79 |
Pblighttpd user GID | [] |
|
80 |
Pblighttpd user group name | [pblight] |
|
81 |
File Integrity Monitor db path? | [/opt/pbul/dbs/pbfim.db] |
|
82 |
Configure systemd? | [yes] |
|
83 |
Command line options for pbmasterd | [-ar] |
|
84 |
Policy Server Delay | [500] |
|
85 |
Policy Server Protocol Timeout | [-1] |
|
86 |
pbmasterd diagnostic log | [/var/log/pbmasterd.log] |
|
87 |
Eventlog filename | [/var/log/pb.eventlog] |
|
88 |
Configure eventlog rotation via size? | [] |
|
89 |
Configure eventlog rotation path? | [] |
|
90 |
Configure eventlog rotation via cron? | [no] |
|
91 |
Validate Submit Host Connections? | [no] |
|
92 |
List of Policy Servers to submit to | [kandor] |
|
93 |
pbrun diagnostic log? | [none] |
|
94 |
pbssh diagnostic log? | [none] |
|
95 |
Allow Local Mode? | [yes] |
|
96 |
Additional secured task checks? | [no] |
|
97 |
Suppress Policy Server host failover error messages? | [yes] |
|
98 |
List of Policy Servers to accept from | [kandor] |
|
99 |
pblocald diagnostic log | [/var/log/pbocald.log] |
|
100 |
Command line options for pblocald | [] |
|
101 |
Syslog pblocald sessions? | [no] |
|
102 |
Record PTY sessions in utmp/utmpx? | [yes] |
|
103 |
Validate Policy Server Host Connections? | [no] |
|
104 |
List of Log Hosts | [kandor] |
|
105 |
Command line options for pblogd | [] |
|
106 |
Log Host Delay | [500] |
|
107 |
Log Host Protocol Timeout | [-1] |
|
108 |
pblogd diagnostic log | [/var/log/pblogd.log] |
|
109 |
List of log reserved filesystems | [none] |
|
110 |
Number of free blocks per log system filesystem | [0] |
|
111 |
Command line options for pbsyncd | [] |
|
112 |
Sync Protocol Timeout | [-1] |
|
113 |
pbsyncd diagnostic log | [/var/log/pbsyncd.log] |
|
114 |
pbsync diagnostic log | [/var/log/pbsync.log] |
|
115 |
pbsync sychronization time interval (in minutes) | [15] |
|
116 |
Add installed shells to /etc/shells | [no] |
|
117 |
pbksh diagnostic file | [/var/log/pbksh.log] |
|
118 |
pbsh diagnostic file | [/var/log/pbsh.log] |
|
119 |
Stand-alone pblocald command | [none] |
|
120 |
Stand-alone root shell default iolog | [/pbshell.iolog] |
|
121 |
Use syslog? | [yes] |
|
122 |
Syslog facility to use? | [LOG_AUTHORITY] |
|
123 |
Base Daemon port number | [24345] |
|
124 |
pbmasterd port number | [24345] |
|
125 |
pblocald port number | [24346] |
|
126 |
pblogd port number | [24347] |
|
127 |
pbguid port number | [24348] |
|
128 |
REST Service port number | [24351] |
|
129 |
Add entries to '/etc/services' | [yes] |
|
130 |
Allow non-reserved port connections | [yes] |
|
131 |
Inbound Port range | [1024-65535] |
|
132 |
Outbound Port range | [1025-65535] |
|
133 |
Network encryption options | [aes-256:keyfile=/etc/pb.key] |
|
134 |
Event log encryption options | [none] |
|
135 |
I/O log encryption options | [none] |
|
136 |
Policy file encryption options | [none] |
|
137 |
Settings file encryption type | [none] |
|
138 |
REST API encryption options | [aes-256:keyfile=/etc/pb.re...] |
|
139 |
Configure with Kerberos v5? | [yes] |
|
140 |
Policy Server Daemon Kerberos Principal | [pbmasterd] |
|
141 |
Local Daemon Kerberos Principal | [pblocald] |
|
142 |
Log Daemon Kerberos Principal | [pblogd] |
|
143 |
Sync Daemon Kerberos Principal | [pbsyncd] |
|
144 |
Kerberos Keytab File | [/etc/krb5.keytab] |
|
145 |
Enforce High Security Encryption? | [yes] |
|
146 |
SSL Configuration? | [requiressl sslfirst] |
|
147 |
SSL pbrun Certificate Authority Directory? | [none] |
|
148 |
SSL pbrun Certificate Authority File? | [none] |
|
149 |
SSL pbrun Cipher List? | [cipherlist=TLSv1.2:!SSLv2:...] |
|
150 |
SSL pbrun Certificate Directory? | [none] |
|
151 |
SSL pbrun Certificate File? | [none] |
|
152 |
SSL pbrun Private Key Directory? | [none] |
|
153 |
SSL pbrun Private Key File? | [none] |
|
154 |
SSL pbrun Certificate Subject Checks? | [none] |
|
155 |
SSL Server Certificate Authority Directory | [none] |
|
156 |
SSL Server Certificate Authority File? | [none] |
|
157 |
SSL Server Cipher List? | [cipherlist=TLSv1.2:!SSLv2:...] |
|
158 |
SSL Server Certificate Directory? | [none] |
|
159 |
SSL Server Certificate File? | [/etc/pbssl.pem] |
|
160 |
SSL Server Private Key Directory? | [none] |
|
161 |
SSL Server Private Key File? | [/etc/pbssl.pem] |
|
162 |
SSL Server Certificate Subject Checks? | [none] |
|
163 |
SSL Certificate Country Code | [US] |
|
164 |
SSL Certificate State/Province | [AZ] |
|
165 |
SSL Certificate Location (Town/City) | [Phoenix] |
|
166 |
SSL Certificate Organizational Unit/Department | [Security] |
|
167 |
SSL Certificate Organization | [BeyondTrust] |
|
168 |
Configure Privilege Management for Unix & Linux with LDAP? | [yes] |
|
169 |
Install BeyondTrust built-in third-party libraries? | [no] |
|
170 |
BeyondTrust built-in third-party library directory | [/usr/lib/beyondtrust/pb] |
|
171 |
Kerberos shared library default directory | [none] |
|
172 |
Kerberos libkrb5 shared library filename | [none] |
|
173 |
Kerberos libgssapi_krb5 shared library filename | [none] |
|
174 |
Kerberos libcom_err shared library filename | [none] |
|
175 |
Kerberos libk5crypto shared library filename | [none] |
|
176 |
SSL shared library default directory | [none] |
|
177 |
SSL libssl shared library filename | [none] |
|
178 |
SSL libcrypto shared library filename | [none] |
|
179 |
LDAP shared library default directory | [none] |
|
180 |
LDAP libldap shared library filename | [none] |
|
181 |
LDAP liblber shared library filename | [none] |
|
182 |
Use PAM? | [no] |
|
183 |
PAM service for password verification | [none] |
|
184 |
PAM session service | [none] |
|
185 |
PAM suppress password prompting? | [yes] |
|
186 |
PAM library file name | [none] |
|
187 |
Call pam_setcred? | [no] |
|
188 |
Enable non-PAM Solaris Projects? | [no] |
|
189 |
Solaris Projects library file name | [none] |
|
190 |
Allow Remote Jobs? | [yes] |
|
191 |
UNIX Domain Socket directory | [none] |
|
192 |
Reject Null Passwords? | [no] |
|
193 |
Enable TCP keepalives? | [no] |
|
194 |
Name Resolution Timeout | [0] |
