Installation Programs
This section describes the Endpoint Privilege Management for Unix and Linux installation programs and their options.
pbinstall
pbinstall installs, updates, and configures all Endpoint Privilege Management for Unix and Linux products. pbinstall is a menu-driven, interactive installation script. It enables the superuser installer to install, update, or reconfigure Endpoint Privilege Management for Unix and Linux as required by configuration changes or updates. pbinstall properly configures (as appropriate) /etc/services, the superdaemon configuration files (/etc/inetd.conf and/or /etc/xinetd.conf), and Endpoint Privilege Management for Unix and Linux for most execution environments.
An initial screen of legal information and credits is displayed, followed by a check to determine if the VISUAL or EDITOR environment variables select the editor to use during the installation. If you have not set either of these environment variables, then you are prompted to supply the path to an editor, with vi as the default.
Endpoint Privilege Management for Unix and Linux is configured by a menu system with a menu of numbered selections and lettered options.
- To select an item to configure, type the number of that item and press ENTER to display the configuration prompts.
- To navigate the menu pages, use the following commands:
- C Continue installation
- N Next menu page
- P Previous menu page
- R Redraw menu (not shown due to space limitations)
- X Exit script without performing any configuration
- After C is selected, you are asked if the settings are acceptable. If you indicate that they are not, then pbinstall returns to the configuration menu.
- If the settings are acceptable, then pbinstall asks if you want to view the generated installation script.
The generated installation script contains thousands of lines of code; therefore, viewing this script is recommended for advanced users only. To view the script, type y.
- You are then asked if the generated installation script is to be executed. If it is not to be executed, then the name of that script is displayed and pbinstall exits. Otherwise, the script is immediately executed.
Multiple command line options can be used together. During an update installation, the –m, –l, –r, –g, and –i arguments have no effect and must be explicitly changed using the Endpoint Privilege Management for Unix and Linux installation menu for pbinstall.
An update installation is an installation in which the previous Endpoint Privilege Management for Unix and Linux version has not been uninstalled. It uses the same installation directories as the previous installation (including the untar and unpack occurring in the same directories as the previous installation if the distribution was using FTP), and uses the existing pb.settings, pb.key, and pb.conf files. If done properly, all (or almost all) of the previous installation parameters carry forward to the new installation.
Syntax
pbinstall [options]
pbinstall -h
pbinstall -L hostname
| Argument | Description |
|---|---|
| -a architecture |
This option and its required argument explicitly specify which Unix or Linux architecture file to install. If the –a option is used, then the installer compares the expected flavor and the flavor that is specified with the -a option and displays a warning if they do not match. In Endpoint Privilege Management for Unix and Linux v3.2 and earlier, the installation does not cross-check flavors. Beginning with Endpoint Privilege Management for Unix and Linux v3.5, the installation script cross-checks flavors. |
| -A | Sets the Application ID for client registration. |
| -b |
Runs pbinstall in batch mode. In batch mode, the specified existing and then default settings are automatically used. User intervention is not allowed and hit enter prompts are suppressed. This option also invokes -e. |
| -B |
Specify base daemon port number. |
| -c |
Causes pbinstall to skip the steps that process or update the Endpoint Privilege Management for Unix and Linux settings file (/etc/pb.settings). This option is often used during the upgrade of an existing Endpoint Privilege Management for Unix and Linux installation. The /etc/pb.settings file is not changed. It is backed up (to /etc/pb.settings.sybak.####) and replaced. Therefore, the creation and/or modification dates on the file may be changed. |
| -d |
Installs the static pbdemo.key for a fresh install. This keyfile is static and shipped as part of the tar file. Therefore it should only be used for demo purposes and should not be used in a production environment. |
| -D |
Sets the address for the primary license server for client registration. |
| -e | Runs pbinstall automatically by bypassing the menu step of pbinstall. Bypassing the pbinstall menu step makes it impossible to change installation options or configurations. |
| -g | Creates a log host (that is, installs pblogd). |
| -h | Prints the usage information for pbinstall and causes it to exit. |
| -i | Ignores previous pb.settings files. |
| -I 1 | Installs primary license server (infers -X and -Y). |
| -j <basedir> | This option defines the base directory for generated files/directories of Endpoint Privilege Management for Unix and Linux which overrides the default /opt/pbul directory. |
| -K | Sets the Application Key for client registration. |
| -l |
Creates a run host (that is, installs pblocald). |
| -L host |
This option with a following word argument specifies the hostname to be used in the logservers in pb.settings. A list of hosts can be specified by repeating the -L argument followed by the host: -L host1 -L host2 |
| -m | Creates a policy server host (that is, installs pbmasterd). |
| -M host |
This option with a following word argument specifies the hostame to be used in the acceptmasters and submitmasters in pb.settings. A list of hosts can be specified by repeating the -M argument followed by the host: -M host1 -M host2 |
| -N |
Set the Registration Profile name for client registration. |
| -O |
Install the Endpoint Privilege Management for Unix and Linux sudo wrapper. This option cannot be combined with other pbinstall options because sudo wrapper should be installed only after the other components are installed and configured. Before installing the sudo wrapper, you must ensure the EPM-UL policy is correctly configured for use with the sudo wrapper. For more information, see the Endpoint Privilege Management for Unix and Linux Administration Guide. |
| -p prefix | This option with a following word argument specifies an installation prefix for this installation. |
| -P |
Sets the port for the primary license server for client registration. |
| -Q | Installs Primary Registry Name Server (infers -S, -W and -X). |
| -r |
Creates a submit host; installs client software (pbrun, pbsh, pbksh). |
| -R directory |
Specifies a base directory for applicable settings in the generated pb.settings file. Used with -z option only. |
| -s suffix |
This option with a following word argument specifies an installation suffix for this installation. |
| -S | Specifies y or n to enable or disable Registry Name Service. |
| -t |
Set the temporary directory to be used during installation. When a temporary directory is defined, TMPDIR is overwritten, and the tempfilepath is included in pb.settings. -t /tmp/tempdir |
| -u |
Installs Endpoint Privilege Management for Unix and Linux(pbvi, pbless, and so forth). |
| -v |
Prints pbinstall version information and exits. |
| -W | Installs Registry Name Server. |
| -y <hostname> | Specifies license server(s) with one or more -y <hostname> arguments.
The first host specified must be the primary license server. |
| -Y | Installs license server. |
| -x |
Creates a log synchronization host (that is, installs pbsyncd). |
| -X | Installs Client Registration Services |
| -z |
Creates pb.settings, pb.conf, and (if applicable) pb.key files only. For use when installing Endpoint Privilege Management for Unix and Linux with package installers. Cannot be combined with the -b, -c, -e, -i, -o, -p, -s. -u, -w, or -x options. |
| -Z | Installs File Integrity Policy Services |
Files
Not applicable
