Using a Native Package Manager on UNIX Computers

When you upgrade using the Delinea install.sh shell script, the script manages all dependencies and compatibility issues for you. If you want to upgrade Delinea software packages using the native package manager, you should first determine whether there are any compatibility issues or dependencies between the packages you have installed. You can then upgrade packages individually or simultaneously. For details about specific version compatibility requirements and upgrade scenarios, see Compatibility for additional packages.

After you have determined whether you have any version dependencies, you can use the native package manager to upgrade all packages simultaneously. You can also use the native package manager to remove old packages individually or remove all packages simultaneously.

Upgrading Packages Individually on a UNIX Computer

With the exception of Solaris computers, you do not need to stop any running Delinea process to perform an upgrade on UNIX machines. On Solaris computers, you should stop all Delinea processes before upgrading. You should note that while rebooting the computer or restarting agent services after an upgrade is not required for Delinea processes in most cases, you may need to reboot the computer or restart any processes that rely on PAM or NSS modules after you complete the upgrade to ensure that the upgraded binaries and libraries are being run. Rebooting the computer after upgrade is recommended as a best practice.

To upgrade Delinea software using the native package manager, follow these basic steps:

  • Stop all Delinea processes running on Solaris computers.

    For example:

    /usr/share/centrifydc/bin/centrifydc stop
    /etc/init.d/centrify-sshd stop
    /etc/init.d/adfsagent stop

  • Upgrade the core agent packages using the native package manager. The four core packages must be upgraded together.

  • Upgrade other Delinea packages using the native package manager.

  • Restart Delinea processes or reboot the computer.

Depending on the order in which you are upgrading individual packages, you might see warnings from the package manager about file dependencies. If you see that a dependency is generated because of a package you have yet to upgrade, it is safe to ignore the warning.

The next sections illustrate the commands to use on different platforms. The actual file name that you specify on the command line—including a specific build number, platform, and architecture—will identify the specific operating system you are updating, for example centrifydc-5.4.2-sol8-sparc-local.tgz or centrifydc5.4.2aix53ppc-bff.gz.

Performing Upgrades on UNIX Computers

The process for simultaneous upgrades on UNIX computers is similar to that for Linux computers. However, the native package managers on different platforms vary in their ability to perform simultaneous upgrades.

This section includes the following topics:

Upgrading Packages on Solaris Computers

On Solaris computers, it is necessary to spool all packages that are to be installed simultaneously. The package manager can then take the spooled packages and install them all at once using one command. Before upgrading on Solaris computers, however, you should stop all Delinea processes that are running.

On Solaris 10 computers that use Solaris zones, you should upgrade the core agent packages as a separate step. You can then upgrade other Delinea packages using a simultaneous upgrade.

To perform upgrades on Solaris computers:

  1. Stop existing Delinea processes.

    For example, if you are upgrading the core agent, Delinea-enabled OpenSSH, and Delinea NIS packages, you would enter commands similar to the following:

    /usr/share/centrifydc/bin/centrifydcstop   

    etc/init.d/centrify-sshd stop   
    /etc/init.d/adnisd stop (on Solaris 9)   
    svcadm disable centrifydc_server (on Solaris 10 or later)

  2. Create a new admin file.

    If you are upgrading an existing installation, make a copy of the system default admin file (/var/sadm/install/admin/default) and modify it to ignoredependencies. In the examples below, this file is called my_admin. It should look like this:

    mail=
    instance=overwrite
    partial=nocheck
    runlevel=nocheckidepend=nocheck rdepend=quit
    space=quit
    setuid=nocheckconflict=nocheckaction=nocheck basedir=default

    If you are performing a fresh installation, you can use the original system admin file and keep the default settings.

  3. Unzip and extract each package into a temporary directory, for example, my_tmp_dir.

    To unzip and extract the agent core packages, you would enter commands similar to the following:

    gunzip centrifydc-5.4.0-*platform-arch*-local.tgz  

    tar xvf centrifydc-5.4.0-platform-arch-local.tar  
    gunzip centrifydc-openssl-5.4.0-*platform-arch*-local.tgz  
    tar xvf centrifydc-openssl-5.4.0-*platform-arch*-local.tar  
    gunzip centrifydc-openldap-5.4.0-*platform-arch*-local.tgz  
    tar xvf centrifydc-openldap-5.4.0-*platform-arch*-local.tar  
    gunzip centrifydc-curl-5.4.0-*platform-arch*-local.tgz  
    tar xvf centrifydc-curl-5.4.0-*platform-arch*-local.tar

  4. Spool the packages.

    Spool the packages to a specified directory, for example, my_spool_dir.

    To spool the core packages, you would run commands similar to the following:

    pkgadd -s /my_spool_dir -d /my_tmp_dir/CentrifyDC CentrifyDC  

    pkgadd -s /my_spool_dir -d /my_tmp_dir/CentrifyDC-openssl CentrifyDC-openssl
    pkgadd -s /my_spool_dir -d /my_tmp_dir/CentrifyDC-openldap
    CentrifyDC-openldap  
    pkgadd -s /my_spool_dir -d /my_tmp_dir/CentrifyDC-curl CentrifyDC-curl

  5. Upgrade the packages.

    To upgrade the core packages, you would enter commands similar to the following:

    /usr/sbin/pkgadd -a my_admin -n -d /my_spool_dir CentrifyDC-openssl  

    /usr/sbin/pkgadd -a my_admin -n -d /my_spool_dir CentrifyDC-openldap
    CentrifyDC-curl  
    /usr/sbin/pkgadd -a my_admin -n -d /my_spool_dir CentrifyDC

  6. Restart Centrify processes after the upgrade is complete.

  7. Verify the upgrade.

    To verify that the upgrade was successful, run the following command:

    /usr/bin/pkginfo \| grep -i Centrify

Upgrading Packages on HP-UX Computers

On HP-UX computers, it is necessary to spool all packages that are to be installed. The package manager can then take the spooled packages and install them all at once using one command.

To perform upgrades on HP-UX computers

  1. Copy and unzip all depot.gz packages into a temporary directory, for example, my_dir.

    To unzip and extract the agent core packages, enter commands similar to the following:

    gunzip centrifydc-5.4.0-*platform-arch*.depot.gz  

    gunzip centrifydc-openssl-5.4.0-*platform-arch*.depot.gz  
    gunzip centrifydc-openldap-5.4.0-*platform-arch*.depot.gz  
    gunzip centrifydc-curl-5.4.0-*platform-arch*.depot.gz

  2. Spool each package.

    On HP-UX computers, you can use the default spool directory, but you must create a working directory, for example my_dir.

    To spool the agent core packages to my_dir, enter commands similar to the following:

    swcopy -s /full_path/my_dir/centrifydc-openssl-5.4.0-*platform-arch*.depot

    CentrifyDC-openssl  
    swcopy -s /full_path/my_dir/centrifydc-openldap-5.4.0-*platform-arch*.depot
    CentrifyDC-openldap  
    swcopy -s /full_path/my_dir/centrifydc-curl-5.4.0-*platform-arch*.depot
    CentrifyDC-curl  
    swcopy -s /full_path/my_dir/centrifydc-5.4.0-*platform-arch*.depot
    CentrifyDC

  3. Upgrade the packages.

    Use a single command to upgrade all packages. For example, to update the core agent packages, enter a command similar to the following:

    swinstall -s CentrifyDC-openssl CentrifyDC-openldap CentrifyDC-curl

    CentrifyDC

  4. Verify the upgrade.

    Verify that the upgrade was successful by running the following commands:

    swlist \| grep -i Centrify

    swverify CentrifyDC

Upgrading Packages on AIX Computers

On AIX computers, it is necessary to unzip all packages that are to be installed. The package manager can then take the unzipped packages and install them all at once, using one command.

To perform upgrades on AIX computers do the following:

  1. Copy and Unzip the packages to a directory, for example, my_dir.

    If you are upgrading the core agent packages, you would run commands similar to the following:

    gunzip centrifydc-5.4.0-*platform-arch*-bff.gz  

    gunzip centrifydc-openssl-5.4.0-*platform-arch*-bff.gz  
    gunzip centrifydc-openldap-5.4.0-*platform-arch*-bff.gz  
    gunzip centrifydc-curl-5.4.0-*platform-arch*-bff.gz

  2. Upgrade the packages.

    You can now upgrade the packages using commands similar to the following:

    inutoc .

    installp -aY -d my_dir all