Creating the response file

To implement a silent installation in Linux, you must create a response file that contains the parameters and input values for the required responses during installation. You can create different response files for different installation scenarios. You must create the response file before you install Symantec Protection Engine.
A default response file, called
response
, is included in the
Symantec Protection Engine.zip
file. The response file is a text file that is preconfigured with the default settings for the Symantec Protection Engine installation options. You must edit this response file so that it contains the input values that you want for the silent installation.
For silent installation to initiate, the response/no-ask-questions file must be present in the home directory of the user.
Do not delete any of the parameters in the response file. The installer must read an input value for each parameter. You must specify an input value for each parameter.
Input values in the response file lists the input values that are contained in the response file.
Input values in the response file
Input name
Description
Upgrade
Specifies that the installation is an upgrade.
Possible values are:
  • NONE
    Use this value if you do not want to perform an upgrade. This value is the default value.
  • UPGRADE
    Use this value if you want to upgrade and you want to preserve your existing settings. You must configure all of the Java inputs values. All other input values are ignored.
  • CLEAN
    Use this value to uninstall and reinstall the product. Configure the input values that you want to modify.
AdminPort
The port number on which the Web-based console listens. The default port number is 8004.
AdminPassword
The encrypted password for the virtual administrative account that you use to manage Symantec Protection Engine.
The default password is
ChangeMe@123
.
SSLPort
The Secure Socket Layer (SSL) port number on which encrypted files are transmitted for increased security.
The default port number is 8005.
InstallDir
The location where to install Symantec Protection Engine.
The default location is /opt/SYMCScan.
User
The name of an existing user under which Symantec Protection Engine runs.
The default setting is root.
JavaCmd
The full path (can be a symlink) to the 64-bit Java Runtime Environment (JRE) 8.0 Update 111 or later executables.
JavaBinDir
The full path (can be a symlink) to the 64-bit Java Runtime Environment (JRE) 8.0 Update 111 or later executables.
The installer assumes that the path that you enter is correct. If the path is incorrect or the JRE version is not the correct version, Symantec Protection Engine does not function properly. (Symantec Protection Engine might not function properly even if the installer reports that the installation was successful.)
JRELibDir
You must provide this information so that the LD_LIBRARY_PATH variable can locate the file libjvm.so.
This version of Symantec Protection Engine supports 64-bit Java Runtime Environment (JRE) 8.0 Update 111 or later. Value of JavaJRELib is different for JRE 8 and J.
For JRE 8:
JavaJRELib=<java_base_location>/jre/lib/amd64
For JRE 10:
JJavaJRELib=<java_install_location>/jre-10.0.2/lib
The installer assumes that the path that you enter is correct. If the path that you provide is incorrect, Symantec Protection Engine does not function properly even if the installer reports that the installation was successful.
CanRelocate (Linux only)
The Boolean value that indicates the version of the Red Hat Package Manager (RPM) that you are running. If you are running RPM versions 4.0.2 or 4.1, change this setting to 0. If you are not running RPM version 4.0.2 or 4.1, do not change the default setting. The default setting is 1.
EnableFilteringAndDownloadDefinitions
Enables URL Filtering and downloading of the URL definitions.
Possible values are as follows:
  • true: Use this value if you want to enable URL filtering in filtering mode and Download URL definitions.
  • false: Use this value if you want to disable URL Filtering and Definition Download.
    This value is the default value.
UpdateServer
Enter the LiveUpdate server name or IP address to which you want to connect.
This parameter is valid only for an upgrade where you preserve your existing settings. The default value is liveupdate.symantec.com.
UpdateServerPort
Enter the LiveUpdate server port number.
This parameter is valid only for an upgrade where you preserve your existing settings. The default value is 80.
UpdateServerPath
Enter the directory path on the LiveUpdate server that contains the LiveUpdate packages.
This parameter is valid only for an upgrade where you preserve your existing settings. If you do not specify a value, the default is blank.
UpdateServerProxyName
Enter the LiveUpdate proxy server name or IP address.
This parameter is valid only for an upgrade where you preserve your existing settings. If you do not specify a value, the default is blank.
UpdateServerProxyPort
Enter the LiveUpdate proxy server port number.
This parameter is valid only for an upgrade where you preserve your existing settings. The default value is 0.
Deployment
Enter the application type.
Possible values are as follows:
  • 0 for Email Server
  • 1 for Proxy/Web cache server
  • 2 for Other Application
    This is the default value.
ApplicationName
Enter the name of the application for which Symantec Protection Engine will be used. This parameter will be considered only if
Deployment
value is
2 (Other Application)
.
IgnoreGlibcWarning
Symantec Protection Engine checks for the glibc component version during installation. Warning appears if minimum required glibc version is not found.
Possible values are as follows:
  • true: Ignores the warning for old version of glibc. Installation continues for older versions of glibc also. Unsupported version of glibc may cause Symantec Protection Engine to stop responding.
  • false: Doesn’t ignore the warning for old version of glibc. Installation is canceled.
InsightAggressionLevel
The scanning aggression level defines the detection aggression level for threat detection technologies. Configure the scanning aggression level.
Possible values are:
  • 0 (Known Bad)
  • 1 (Low)
  • 2 (Medium)
    This is the default value.
  • 3 (High)
EnableURLReputationAndDownloadDefinition
Enables URL Reputation
  • true:
    Enables URL Reputation and downloads URL definitions.
  • false:
    Disables URL Reputation
EnableRestAPI
Enables or disables the REST API Service in SPE.
  • true:
    Enables REST API Service in SPE. This is the default value.
  • false:
    Disables REST API Service in SPE.
JavaBinDir
Java location needed to start REST API service format
For Linux platform valid path to java install location till bin directory e.g. "Java_install_location\bin"
Empty
RestAPIServicePort
REST Service port
Integer value between 1 and 65535
8008
EnableLDAPAuthentication
Enables/disables the Windows Active Directory based authentication in Symantec Protection Engine.  Used for authentication with REST API service. The same authentication mode will be used to configure Symantec Protection Engine centralized console.
true/false
false
From SPE 9.0.0 onwards, the AD groups and other connections settings are present in the
application.properties
file. You can find this file at the following location on Linux:
/opt/SYMCScan/RestAPI/
.
If you upgrade from SPE 8.2.2 or earlier versions and want to update the settings after the SPE installation, you can do it through the
application.properties
file.  After the file update, you need to start the SPE Rest API service
/etc/init.d/symcrestapiservice start
.
LDAPURL
Active Directory URL
Active Directory URLExample: server.example.com
Empty
Active Directory Port
Integer value between 1 and 65535389 : default port for non-SSL LDAP636 : default port for SSL LDAP
Default: 389
LDAPBaseDN
Active Directory Base DN
Base DN in string Example: dc=example,dc=com
Default: Empty
LDAPGroupDN
Active Directory group DN
Group DN  string Example:cn=testgroup,dc=example,dc=com
Default: Empty
LDAPSSLEnabled
Enables/disables the secure connection with configured Active Directory server.
true/false
false
  1. To create the response file for Linux
  2. Locate the response file, response, in the Symantec Protection Engine.zip file and copy it to the home directory of the user.
    For the silent installation to initiate, the response file must be located in the /home directory of the user.
  3. Rename the file as
    no-ask-questions
    and open the file.
  4. Supply the input value for each parameter.
    Make changes only to the right of the equal sign (=) for each parameter.
  5. At AdminPassword=, copy and paste the encrypted string that the XML modifier command-line tool generated.
    Ensure that you have copied the encrypted string in its entirety.
  6. Save the file.