Installing the PingFederate service on Linux manually - PingFederate

Installing the PingFederate service on Linux manually - PingFederate - 10.0

PingFederate Server

bundle

pingfederate-100

ft:publication_title

PingFederate Server

Product_Version_ce

PingFederate 10.0

category

Product

pf-100

pingfederate

ContentType_ce

Page created: 12 Sep 2019 |

Page updated: 21 Dec 2021

| 4 min read

PingFederate 10.0 Product Installation User task Administrator Audience Software Deployment Method Product documentation Content Type

Request a license key via the Ping Identity licensing website.
Ensure you are logged on to your system with appropriate privileges to install and run an application.

Note:
You must install and run PingFederate under a local user account.
Verify that the Java runtime is installed and the required environment variables are set correctly (see Installing Java).
Download and extract the distribution ZIP file into an installation directory (<pf_install>).
Create a new local user account for the PingFederate service; for example, pingfederate.

The service account is referred to as <pf_user>.
Change the ownership of the PingFederate installation directory (<pf_install>) and update the read and write permissions using the following commands:
```
chown -R <pf_user> <pf_install>
chmod -R 775 <pf_install>
```
If the operating system supports systemd, follow these steps to install the PingFederate unit file.
1. Edit the pingfederate.service systemd unit file, located in the <pf_install>/pingfederate/sbin/linux directory.
  Replace the following variables with information from your environment:
  
  ${PF_VERSION}
  
  The version of PingFederate.
  
  ${PF_USER}
  
  The local user account for the PingFederate service.
  
  ${PF_HOME}
  
  The <pf_install>/pingfederate directory.
  
  For example, if <pf_install> is /opt/identity.fed, replace ${PF_HOME} with /opt/identity.fed/pingfederate.
  
  ${PF_JAVA_HOME}
  
  The JAVA_HOME environment variable value (a directory).
2. Copy the pingfederate.service file to the systemd unit files directory; for example, /etc/systemd/system.
  The exact location may vary, depending on the operating system. Consult your system administrators, as needed. The rest of the step assumes /etc/systemd/system is the systemd unit files directory.
3. Use the following command to update the read and write permissions of the pingfederate.service systemd unit file:
```
chmod 664 /etc/systemd/system/pingfederate.service
```
4. Use the following commands to load the new system configuration changes and start the PingFederate service:
```
systemctl daemon-reload ;\
systemctl start pingfederate
```
5. Use the following commands to configure the PingFederate service to start automatically as the server boots.
```
systemctl enable pingfederate ;\
systemctl daemon-reload ;\
systemctl restart pingfederate
```
After setting up the PingFederate systemd unit file, you can use the systemctl command to manage the PingFederate service.
Sample systemctl commands
```
systemctl start pingfederate
systemctl stop pingfederate
systemctl restart pingfederate
systemctl status pingfederate
```
If the operating system supports SysV initialization, follow these steps to install the PingFederate script.
1. Edit the pingfederate script, located in the <pf_install>/pingfederate/sbin/linux directory.
  Replace the following statements with information from your environment:
  
  PF_HOME=$PF_HOME
  
  Replace $PF_HOME with the <pf_install>/pingfederate directory.
  
  For example, if <pf_install> is /opt/identity.fed, replace $PF_HOME with /opt/identity.fed/pingfederate.
  
  USER="pingfederate"
  
  If the PingFederate service account is not pingfederate, replace pingfederate with the local user account for the PingFederate service.
  
  For example, if <pf_user> is pingfed, replace pingfederate with pingfed.
  Example (truncated)
  If <pf_install> and <pf_user> are /opt/identity.fed and pingfederate, respectively, the required modifications are as follows:
  ... PF_HOME=/opt/identity.fed/pingfederate DIR="$PF_HOME/sbin" USER="pingfederate" ...
2. Copy the pingfederate script to the SysV initialization directory; for example, /etc/rc.d/init.d.
  The exact location may vary, depending on the operating system. Consult your system administrators, as needed. The rest of the step assumes /etc/rc.d/init.d is the SysV initialization directory.
3. Use the following command to update the read and write permissions of the pingfederate SysV initialization script:
```
chmod 755 /etc/rc.d/init.d/pingfederate
```
4. Configure the operating system to start the PingFederate service at various runlevels.
  On an RHEL server, you may use the Service Configuration utility to do so.
  Alternatively, you can create symbolic links of the pingfederate script in the initialization directories associated with various runlevels manually using the ln -s source target command.
  For example, you may create the following symbolic links on an RHEL server where runlevels 2 and 4 are not used:
```
ln -s /etc/rc.d/init.d/pingfederate /etc/rc3.d/S84pingfederate
ln -s /etc/rc.d/init.d/pingfederate /etc/rc5.d/S84pingfederate
ln -s /etc/rc.d/init.d/pingfederate /etc/rc0.d/K15pingfederate
ln -s /etc/rc.d/init.d/pingfederate /etc/rc1.d/K15pingfederate
ln -s /etc/rc.d/init.d/pingfederate /etc/rc6.d/K15pingfederate
```
  Some operating systems may require a restart of the system to activate the new scripts. Consult your system administrators, as needed.
After setting up the PingFederate SysV initialization script, you can use the Service Configuration utility or the service command to manage the PingFederate service.
Sample service commands
```
service pingfederate start
service pingfederate stop
service pingfederate restart
service pingfederate status
```