In order to create an offline installation package, you will need the following:
- An "online" client with internet access that runs the same Operating System and supported kernel version.
- Your "offline" client(s) will still need http or https access to the Endpoint Protection Manager (SEPM) for policy updates.
- Your "offline" client(s) will still need to download content from LiveUpdate Administrator (preferred) or from a SEPM configured as a reverse proxy.
Note: Linux Agent needs access to the following site to create the offline package (https://linux-repo.us.securitycloud.symantec.com (as of 14.3 RU1))
Please review the article URLs that allow SEP and SES to connect to Symantec servers for more information on Symantec Sites
To create an offline installation package:
- Export the LinuxInstaller package from your SEPM and copy it to your "online" client.
- From the "online" client, run the following command:
The --repackage switch downloads the packages from the repository for this platform and then repackages it into a single installer file. The results will be stored in LinuxInstaller.<plat>. For example, if you run this on Ubuntu 20, the filename would be LinuxInstaller.ubuntu20
- Copy your new installer to your "offline" client(s) and install the client normally.
- On the "online" client, run:
./LinuxInstaller -dt /path/to/folder
... to unzip the installer files into target folder and add also downloaded rpm/deb packages suitable for current system.
You may then distribute this folder to target systems and in that folder run "./installagent.sh -g" to install Linux Agent and use only the packages in current working directory—the installer will not check network repositories. The sylink.xml file in that folder can be replaced with that from other SEPM groups to change the group that the new agent will join after installation. The rpm/deb packages may supplemented with newer or different versions by repeating these steps on the online/build system at later dates or on different systems. This folder can also be uses to update existing clients, via "./installagent.sh -g --update-kmod"