Install Sudo Manager Plugin Client

This section provides details on install Sudo Manager plugin client.

Installation Programs

This section describes the Sudo Manager installation programs and their options.

sudomgrinstall

sudomgrinstall is an interactive script that is used to install the client-side component of Sudo Manager. The sudomgrinstall installer program registers the target sudo host and securely transfers the sudoers policy file, along with relevant include files, to the Sudo Manager Policy Server for storage and maintenance. It then lays down Sudo Manager’s customized policy (pbsudomgr.so), hooking it into the sudo front end configuration (sudo.conf), simultaneously deactivating any pre-existing plugins for policy processing.

Syntax

sudomgrinstall [options]

Arguments

-a architecture

This option and its required argument explicitly specify which Unix or Linux architecture file to install.

If the -a option is used, then the installer compares the expected flavor and the flavor that is specified with the -a option and displays a warning if they do not match.

-b

Runs sudomgrinstall in batch mode. In batch mode, the specified existing or default settings are automatically used. User intervention is not allowed and hit enter prompts are suppressed. This option also invokes -e.

-c

Perform or skip client registration for automatic configuration:

                  yes: (default). Perform client registration. Required for initial installation.

no: Skip client registration and only update local binaries. Use only in upgrade scenarios.

-d

Installs the static pbdemo.key for a fresh install. This keyfile is static and shipped as part of the tar file. Therefore it should only be used for demo purposes and should not be used in production environment.

-e Runs sudomgrinstall automatically by bypassing the menu step of sudomgrinstall. Bypassing the sudomgrinstall menu step makes it impossible to change installation options or configurations.
-p Configures sudo to use Sudo Manager plugin for policy processing.
-C alias

Configures Sudo Manager to create a host alias for this sudo client.

-J alias Configures Sudo Manager to join a host alias for this sudo client.
-U Automatically upload the sudoers file to the Sudo Policy Server.
-F

Force sudoers file upload to the Sudo Policy Server. Any existing sudoers file in the repository will be replaced.

-A appid Set the Application Id for client registration
-K appkey Set the Application Key for client registration.
-D host

Set the address for the primary server for client registration.

-P port

Specify the port for the primary server for client registration.

-S y|n Specify y or n to if Registry Name Service is enabled for your enterprise.
- t

Set the temporary directory to be used during installation. When a temporary directory is defined, TMPDIR is overwritten, and the tempfilepath is included in pb.settings.

-t /tmp/tempdir
-h Prints the usage information for sudomgrinstall and exits.
-v

Prints sudomgrinstall version information and exits.

sudomgruninstall

The sudomgruninstall program is an interactive script that is used to uninstall the client-side component of Sudo Manager. The sudomgruninstall program deregisters the target sudo host and removes its sudoers files from the repository maintained at the Sudo Policy Server. It attempts to restore the sudo host to its state prior to installation: the latest sudoers files are retrieved from the Sudo Policy Server and saved back to the original location (e.g., /etc/sudoers); references to the custom Privilege Management plugin in the sudo configuration file are removed; and files related to Sudo Manager are uninstalled.

Syntax

sudomgruninstall [options]

Arguments

-a architecture

This option and its required argument explicitly specify which Unix or Linux architecture file to uninstall.

If the -a option is used, then the uninstaller compares the expected flavor and the flavor that is specified with the -a option and displays a warning if they do not match.

-b

Skip confirmation prompts.

-P

Preserve local sudoers policy files. During the uninstallation, by default, the latest sudoers file (along with associated include files) are first pulled from the Sudo Policy Server and saved back to the original location on the sudo host. Specifying this option skips this restoration step.

After initial installation by sudomgrinstall, the original sudoers files are renamed (with timestamp as a suffix) since the active sudoers files were automatically maintained by Sudo Manager.

-A appid Set the Application Id for client registration
-K appkey Set the Application Key for client registration.
-h Prints the usage information for sudomgruninstall and exits.
-v

Prints sudomgruninstall version information and exits.