Install Linux Endpoint

Ensure prerequisites are in place before you begin the installation and that Linux endpoint machines are up-to-date.
Note: in Linux all file names are case-sensitive.

Currently, the available endpoints supported by Application Control for Linux 2021.4.1 are Centos 8, Redhat 8 and Oracle 8.

There are two options for installation, auto install and manual. Oracle 8 must be manually installed while auto install (manifest deployment) is available for Centos 8 and Redhat 8.

Install Centos 8 and Redhat 8

The following procedure will guide the installation of both Centos 8 and Redhat 8:

  1. Verify the location of the tar archives. These can be copied into your home folder, do a cd ~ followed by ll.

    .tar archives can be found on your backend under this path :

    C:\Program Files\Ivanti\ACServer\AC Server\HostedFiles

    Where C:\Program Files\Ivanti\ACServer is the default install path of AC for Linux.

  2. Verify the kernel version of the Linux session : uname -r

  3. Decompress the tar archives:

    tar -xvf ivanti-ac-agent.tar

    tar -xvf ivanti-ac-engine.tar

  4. Install the agent as a regular user, the sudo command:

    sudo yum install -y ivanti-ac-agent-1.1-1.x86_64.rpm

  5. Navigate to agent installation folder and verify with an ll or ls command:

    cd /opt/ivanti/ac/bin/

  6. Copy the CA.pem from backend,

    From: C:\Program Files\Ivanti\ACServer\Certificates

    To: /opt/ivanti/ac/bin/

  7. Add entry into /etc/hosts:

    1. On a single line put the backends' IP, a space, the short name of the backend.

    2. Save the file.

  8. Type pwd, make sure you are in /opt/ivanti/ac/bin/

  9. Register the agent to the backend using this command (put your backend short name after the --host option ). For example:

    sudo ./stagentctl register --host BDARROW19 --port 3123 --passphrase TestReg --selected-policy acpolicy --issuer-certificate CA.pem

  10. Linux terminal should return " Agent is fully registered ".

  11. Once you see this text, verify that AF server console shows Agent <uniq ID> => Registered on the backend.

Wait approximately 10 minutes then check that you have this path on your Linux box :

/opt/ivanti/ac/engines/ivanti-ac-engine-centos-8

This means that the engine has been automatically installed via the backend manifest deploy action.

Oracle 8

On Oracle 8, manifest deploy is not supported yet, so the engine needs to be installed by hand:

sudo yum install -y ivanti-ac-engine-0.1-1.x86_64.rpm

Activate Engine

Let's activate the engine. This is done with two commands:

sudo systemctl enable ivanti-ac-engine.service

sudo systemctl start ivanti-ac-engine.service

Check the Endpoint

At this point Linux has been fully installed, on both the backend and your Linux Endpoint. To do a quick check, from the backend, WEB UI Console >Devices tab - check to see that you Linux endpoint is in there:

  1. Click on the name of the Linux endpoint.

  2. On the Device Summary press on the Refresh Device Details button.

Refresh the page, you should have the appropriate hardware/software details for your system appear at this point.

Related topics:

Installation Overview

Prerequisites

Install Windows Server

Uninstall

Troubleshooting

Application Control for Linux Utilization (opens Application Control Help)