Red Hat Installation Instructions
How to install the client on Red Hat.
Before installing the client on Red Hat Enterprise Linux™ 6 or 7, ensure that you have disabled the SELinux process or, if you want to keep SELinux enabled, that the following settings are configured:
selinux = enforcing, policy = targeted.
Before installing the client on Red Hat Enterprise Linux™ 8 or later, instead, you must disable the SELinux process.
- Installed the Athena library (libXaw package) that is used by the user interface component of the client.
To install the client perform the following steps:
- Download the corresponding BigFix client RPM file to the Red Hat computer.
- Install the RPM by running the command
rpm -ivh client_RPM_pathNote:Starting from BigFix Version 9.5.9, if you are installing the signed packages and you have not imported the public key for that signature, you receive the following warning:
BESAgent-9.5.9.xx-rhe6.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID 3e83b424: NOKEY - Copy your actionsite masthead to the client computer (the masthead contains configuration,
license, and security information). The action site masthead (
actionsite.afxm) can be found in your BES Installation folders (by default they are placed underC:\Program Files (x86)\BigFix Enterprise\BES Installers\Clienton Windows™ and/var/opt/BESInstallers/Client/on Linux™). If the masthead is not namedactionsite.afxm, rename it toactionsite.afxmand place it on the computer at the following location:/etc/opt/BESClient/actionsite.afxm.Note: The directoryThe masthead file for each BigFix Server can be downloaded at/etc/opt/BESClient/is not automatically created by the installer. If it does not exist, create it manually.http://servername:port/masthead/masthead.afxm(example:http://bes.BigFix.com:52311/masthead/masthead.afxm). - Start the BigFix client by running
the command:
/etc/init.d/besclient start
Signed Client Red Hat RPM packages
Starting from BigFix Version 9.5.9, the Red Hat RPM packages are signed with a PGP key.
The RPM packages available for download are stored, divided by product version and platform, in the following repository: http://support.bigfix.com/bes/release/.
rpm -qpi <package>.rpm- The package is signed if the Signature field is not empty.
- The package is not signed if the Signature field does not contain any value.
Name: BESAgent
Version : 9.5.9.xx
Release : rhe6
Architecture: x86_64
Install Date: Mon 05 Mar 2018 11:31:15 AM CET
Group : Applications/Security
Size : 52968659
License : (c) Copyright IBM Corp. 2001-2018.
(c) Copyright HCL Technologies Limited 2018 ALL RIGHTS RESERVED
Signature : RSA/SHA256, Fri 02 Mar 2018 12:50:16 AM CET,
Key ID 19d621d73e83b424
Source RPM : BESAgent-9.5.9.24-rhe6.src.rpm
Build Date : Thu 01 Mar 2018 09:44:58 PM CET
Build Host : rhel6x64bs
Relocations : (not relocatable)
Packager : IBM Corp. and HCL Technologies Limited
Vendor : IBM Corp. and HCL Technologies Limited
URL : http://www.bigfix.com/
Summary : BigFix Agent
Description : BigFix Agent for Linux
If the package is signed:
If you are using Version 9.5.9, you can manually download and import the public key for that signature from the following web site: http://support.bigfix.com/bes/release/9.5/patch9/
If you are using Version 9.5.10, you can download and import the public key for that signature by running the BES Support Fixlet named Import BigFix version 9.5 public GPG key for RedHat RPMs.
rpm --import <keyfile>The BigFix public key available for download is stored in the following repository: http://support.bigfix.com/bes/release/
'rpm -i <package name>'If you did not import the public key, during the client installation you might see a warning message saying that the signature cannot be verified. This message does not prevent your RPM package from being installed successfully on the client system.