From fb87875ba953729a7fb331f3fa2e978f0c4b6029 Mon Sep 17 00:00:00 2001 From: Swapna Johnny <68843997+swapna-johnny@users.noreply.github.com> Date: Thu, 17 Jul 2025 16:27:07 +0530 Subject: [PATCH 01/13] Update linux-install-manually.md Add documentation regarding custom path installation --- defender-endpoint/linux-install-manually.md | 45 +++++++++++++++++++++ 1 file changed, 45 insertions(+) diff --git a/defender-endpoint/linux-install-manually.md b/defender-endpoint/linux-install-manually.md index d77f2d5175..b21f6b0356 100644 --- a/defender-endpoint/linux-install-manually.md +++ b/defender-endpoint/linux-install-manually.md @@ -42,6 +42,7 @@ A successful deployment requires the completion of all of the following tasks: - [SLES and variants](#sles-and-variants-1) - [Ubuntu and Debian systems](#ubuntu-and-debian-systems) - [Mariner](#mariner) +- [Pre Install Setup for Custom Path Installation](#pre-install-setup-for-custom-path-installation) - [Application installation](#application-installation) - [RHEL and variants (CentOS, Fedora, Oracle Linux, Amazon Linux 2, Rocky, and Alma)](#rhel-and-variants-centos-fedora-oracle-linux-amazon-linux-2-rocky-and-alma) - [SLES and variants](#sles-and-variants) @@ -257,6 +258,50 @@ In order to preview new features and provide early feedback, it's recommended th sudo dnf config-manager --enable mariner-official-extras-preview ``` +## Pre Install Setup for Custom Path Installation + +These steps are applicable only if Defender is to be installed in a custom location. + +The custom installation path is denoted here as + +> [!NOTE] +> Only absolute custom installation path is supported + +1. Create the required directories for setup + ```bash + sudo mkdir -p + sudo mkdir -p /etc/opt/microsoft/mdatp + ``` + +2. Create the config json file `/etc/opt/microsoft/mdatp/mde_path.json`, specifying the custom installation path, in the mde config directory + + File Content: + ``` + {"path":""} + ``` + + For example, if the custom installation path is to be set as `/custom/microsoft_mdatp`, `/etc/opt/microsoft/mdatp/mde_path.json` will be created with the following content: + ``` + {"path":"/custom/microsoft_mdatp"} + ``` +3. Set required permissions + ``` + chmod 755 + chmod 644 /etc/opt/microsoft/mdatp + ``` + +4. Create a symlink to the installation location + ``` + mkdir -p /opt/microsoft + mkdir -p /opt/microsoft/mdatp + ln -sf /opt/microsoft/mdatp /opt/microsoft/mdatp + ``` + > [!NOTE] + > + > If you choose to skip creation of symlink, you can rely on the installer package to create the symlink for you, provided you have - + > 1. 1GB space in /opt or + > 2. You have managed the disk space check issue at your end + ## Application installation Use the commands in the following sections to install Defender for Endpoint on your Linux distribution. From 27bf69f57e9a14a33df4a42fdf2b50591b212e84 Mon Sep 17 00:00:00 2001 From: Swapna Johnny <68843997+swapna-johnny@users.noreply.github.com> Date: Mon, 21 Jul 2025 11:22:27 +0530 Subject: [PATCH 02/13] Update linux-installer-script.md --- defender-endpoint/linux-installer-script.md | 25 ++++++++++++++++----- 1 file changed, 19 insertions(+), 6 deletions(-) diff --git a/defender-endpoint/linux-installer-script.md b/defender-endpoint/linux-installer-script.md index 31194a8105..24b6705cbc 100644 --- a/defender-endpoint/linux-installer-script.md +++ b/defender-endpoint/linux-installer-script.md @@ -80,11 +80,20 @@ Before you get started, see [Prerequisites for Defender for Endpoint on Linux](m 4. Execute the installer script and provide the onboarding package as a parameter to install the agent and onboard the device to the Defender portal. - ```bash - sudo ./mde_installer.sh --install --onboard ./MicrosoftDefenderATPOnboardingLinuxServer.py --channel prod --min_req - ``` - - This command deploys the latest agent version to the production channel, check for min system requisites and onboard the device to Defender Portal. + 1. Default Path Installation + + The default installation location is `/` + ```bash + sudo ./mde_installer.sh --install --onboard ./MicrosoftDefenderATPOnboardingLinuxServer.py --channel prod --min_req + ``` + 3. Custom Path Installation + + For installation at a custom location, provide the custom installation path - , as a parameter. + ```bash + sudo ./mde_installer.sh --install --onboard ./MicrosoftDefenderATPOnboardingLinuxServer.py --channel prod --min_req --install-path + ``` + + These commands deploy the latest agent version to the production channel, check for min system requisites and onboard the device to Defender Portal. Additionally you can pass more parameter based on your requirements to modify the installation. Check help for all the available options: @@ -116,6 +125,7 @@ Before you get started, see [Prerequisites for Defender for Endpoint on Linux](m --https-proxy set https proxy --ftp-proxy set ftp proxy --mdatp specific version of mde to be installed. will use the latest if not provided + -b|--install-path specify the installation and configuration path for MDE. Default: / -h|--help display help ``` @@ -128,7 +138,10 @@ Before you get started, see [Prerequisites for Defender for Endpoint on Linux](m |Uninstall agent | `sudo ./mde_installer.sh --remove` | > [!NOTE] - > Upgrading your operating system to a new major version after the product installation requires the product to be reinstalled. You need to uninstall the existing Defender for Endpoint on Linux, upgrade the operating system, and then reconfigure Defender for Endpoint on Linux. + > + > 1. Upgrading your operating system to a new major version after the product installation requires the product to be reinstalled. You need to uninstall the existing Defender for Endpoint on Linux, upgrade the operating system, and then reconfigure Defender for Endpoint on Linux. + > + > 2. Installation path cannot be changed during upgrade. If MDE is installed in the default path, upgrading to a custom path is not supported. This will be considered as "migration", which is not supported. For migration, either from default to custom path or custom to default path, uninstall MDE. ## Verify deployment status From bd14b68eb1c31ce30336eb07ae14f84b49b2ddb9 Mon Sep 17 00:00:00 2001 From: Swapna Johnny <68843997+swapna-johnny@users.noreply.github.com> Date: Tue, 22 Jul 2025 11:15:30 +0530 Subject: [PATCH 03/13] Update linux-deploy-defender-for-endpoint-with-chef.md --- .../linux-deploy-defender-for-endpoint-with-chef.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/defender-endpoint/linux-deploy-defender-for-endpoint-with-chef.md b/defender-endpoint/linux-deploy-defender-for-endpoint-with-chef.md index e88d02aedc..a9f10e58fe 100644 --- a/defender-endpoint/linux-deploy-defender-for-endpoint-with-chef.md +++ b/defender-endpoint/linux-deploy-defender-for-endpoint-with-chef.md @@ -121,6 +121,10 @@ A cookbook can be created through any of the following methods: EOS end ``` + - For installation at a custom location, provide the custom installation path - , as a parameter to the installer script + ```bash + #{mde_installer} --install --onboard #{onboarding_json} --install-path #{custom_path} + ``` > [!NOTE] > The installer script also supports other parameters such as channel, realtime protection, version, etc. To select from the list of available options, check help through the following command: From a7e3b5a74f10e34495217a3788b5692d36849da6 Mon Sep 17 00:00:00 2001 From: Swapna Johnny <68843997+swapna-johnny@users.noreply.github.com> Date: Tue, 22 Jul 2025 11:25:53 +0530 Subject: [PATCH 04/13] Update mde-linux-prerequisites.md --- defender-endpoint/mde-linux-prerequisites.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/defender-endpoint/mde-linux-prerequisites.md b/defender-endpoint/mde-linux-prerequisites.md index 1cf689f060..254dbef02b 100644 --- a/defender-endpoint/mde-linux-prerequisites.md +++ b/defender-endpoint/mde-linux-prerequisites.md @@ -51,6 +51,10 @@ For detailed licensing information, see [Product Terms: Microsoft Defender for E - **Disk Space**: 2 GB minimum. For high-performance workloads, more disk space might be needed. - **Memory**: 1 GB of RAM minimum. For high-performance workloads, more memory might be needed. +Additionally if installing MDE at a custom location +- **Permissions**: rwxr-xr-x minimum permissions for the entire custom installation directory tree +- **semanage**: For workloads with conflicting rules, SELinux equivalence rules might need to be set. + > [!NOTE] > Performance tuning might be needed based on workloads. For more information, see [Performance tuning for Microsoft Defender for Endpoint on Linux](/defender-endpoint/linux-support-perf) From 32b543c2d6590030ab6565cf5d0182e8bd7f73fb Mon Sep 17 00:00:00 2001 From: Swapna Johnny <68843997+swapna-johnny@users.noreply.github.com> Date: Tue, 22 Jul 2025 11:37:53 +0530 Subject: [PATCH 05/13] Update linux-install-with-ansible.md --- defender-endpoint/linux-install-with-ansible.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/defender-endpoint/linux-install-with-ansible.md b/defender-endpoint/linux-install-with-ansible.md index 290419e0e8..ca1f220117 100644 --- a/defender-endpoint/linux-install-with-ansible.md +++ b/defender-endpoint/linux-install-with-ansible.md @@ -149,7 +149,7 @@ Create installation YAML file. You can also download the file directly from [Git ``` > [!NOTE] -> The installer script also supports other parameters such as channel, realtime protection, version, etc. To select from the list of available options, check help through the following command: `./mde_installer.sh --help` +> The installer script also supports other parameters such as channel, realtime protection, version, custom path installation etc. To select from the list of available options, check help through the following command: `./mde_installer.sh --help` ### Apply the playbook From a572b0371829625705c39255845969b5dbb993f4 Mon Sep 17 00:00:00 2001 From: Swapna Johnny <68843997+swapna-johnny@users.noreply.github.com> Date: Tue, 22 Jul 2025 11:40:16 +0530 Subject: [PATCH 06/13] Update linux-deploy-defender-for-endpoint-with-chef.md --- .../linux-deploy-defender-for-endpoint-with-chef.md | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/defender-endpoint/linux-deploy-defender-for-endpoint-with-chef.md b/defender-endpoint/linux-deploy-defender-for-endpoint-with-chef.md index a9f10e58fe..e3ab31e9c3 100644 --- a/defender-endpoint/linux-deploy-defender-for-endpoint-with-chef.md +++ b/defender-endpoint/linux-deploy-defender-for-endpoint-with-chef.md @@ -121,13 +121,9 @@ A cookbook can be created through any of the following methods: EOS end ``` - - For installation at a custom location, provide the custom installation path - , as a parameter to the installer script - ```bash - #{mde_installer} --install --onboard #{onboarding_json} --install-path #{custom_path} - ``` > [!NOTE] -> The installer script also supports other parameters such as channel, realtime protection, version, etc. To select from the list of available options, check help through the following command: +> The installer script also supports other parameters such as channel, realtime protection, version, custom path installation etc. To select from the list of available options, check help through the following command: >```./mde_installer.sh --help``` ### Create a cookbook by manually configuring repositories From 8dd76be4dfec0eac2abf087a0b43410e20973f4e Mon Sep 17 00:00:00 2001 From: Swapna Johnny <68843997+swapna-johnny@users.noreply.github.com> Date: Tue, 22 Jul 2025 11:43:53 +0530 Subject: [PATCH 07/13] Update linux-install-with-puppet.md --- defender-endpoint/linux-install-with-puppet.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/defender-endpoint/linux-install-with-puppet.md b/defender-endpoint/linux-install-with-puppet.md index d9ffe33be1..16efdfa432 100644 --- a/defender-endpoint/linux-install-with-puppet.md +++ b/defender-endpoint/linux-install-with-puppet.md @@ -154,7 +154,7 @@ There are two ways to create a manifest file: } ``` > [!NOTE] -> The installer script also supports other parameters such as channel, realtime protection, version, etc. To select from the list of available options, check help. +> The installer script also supports other parameters such as channel, realtime protection, version, custom path installation etc. To select from the list of available options, check help. >`./mde_installer.sh --help` #### Create a manifest to deploy Defender for Endpoint by configuring repositories manually From 24092cc38f567d179cc8563429f3d5cbcfd2be7a Mon Sep 17 00:00:00 2001 From: Swapna Johnny <68843997+swapna-johnny@users.noreply.github.com> Date: Tue, 22 Jul 2025 11:45:13 +0530 Subject: [PATCH 08/13] Update linux-install-with-saltack.md --- defender-endpoint/linux-install-with-saltack.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/defender-endpoint/linux-install-with-saltack.md b/defender-endpoint/linux-install-with-saltack.md index 8d32005050..0e0384a0ae 100644 --- a/defender-endpoint/linux-install-with-saltack.md +++ b/defender-endpoint/linux-install-with-saltack.md @@ -99,7 +99,7 @@ There are two ways you can create the Saltstack state files: ``` > [!NOTE] -> The installer script also supports other parameters such as channel (insiders-fast, insiders-slow, prod (default)), real-time protection, version, etc. To select from the list of available options, check help through the following command: +> The installer script also supports other parameters such as channel (insiders-fast, insiders-slow, prod (default)), real-time protection, version, custom path installation etc. To select from the list of available options, check help through the following command: >```./mde_installer.sh --help``` ### Create Saltstack state files by manually configuring repositories From cc24710a4fbdca90186509063b09fdac6627dd0c Mon Sep 17 00:00:00 2001 From: Swapna Johnny <68843997+swapna-johnny@users.noreply.github.com> Date: Tue, 5 Aug 2025 10:11:27 +0530 Subject: [PATCH 09/13] Create linux-custom-path-installation.md --- .../linux-custom-path-installation.md | 132 ++++++++++++++++++ 1 file changed, 132 insertions(+) create mode 100644 defender-endpoint/linux-custom-path-installation.md diff --git a/defender-endpoint/linux-custom-path-installation.md b/defender-endpoint/linux-custom-path-installation.md new file mode 100644 index 0000000000..f7ddac0393 --- /dev/null +++ b/defender-endpoint/linux-custom-path-installation.md @@ -0,0 +1,132 @@ +--- +title: Enable deployment of MDE at custom installation path +description: Describes how to deploy Microsoft Defender for Endpoint on Linux to a custom installation path instead of the default location. +ms.service: defender-endpoint +ms.author: ewalsh +author: emmwalshh +ms.reviewer: gopkr +ms.localizationpriority: medium +manager: deniseb +audience: ITPro +ms.collection: +- m365-security +- tier3 +- mde-linux +ms.topic: install-set-up-deploy +ms.subservice: linux +search.appverid: met150 +ms.date: 08/05/2025 +--- + +# Enable deployment of MDE at custom installation path + +[!INCLUDE [Microsoft Defender XDR rebranding](../includes/microsoft-defender.md)] + +**Applies to:** + +- Microsoft Defender for Endpoint for servers + +> Want to experience Defender for Endpoint? [Sign up for a free trial.](https://go.microsoft.com/fwlink/p/?linkid=2225630&clcid=0x409&culture=&country=us) + +## Introduction + +Microsoft Defender for Endpoint (MDE) on Linux now supports installation to custom paths, allowing organizations to deploy the agent to non-standard locations based on their specific requirements. This feature is particularly useful for environments with: + +- Custom directory structures and organizational policies +- Limited space on the root filesystem +- Specific compliance requirements for application placement +- Multi-tenant environments requiring isolation +- Specialized storage configurations + +By default, MDE installs to the standard system path (`/opt/microsoft/mdatp`). With custom path installation, you can specify an alternative base directory while maintaining the same relative directory structure and functionality. + +## Prerequisites and System Requirements + +Before deploying MDE to a custom path, ensure the following requirements are met: + +### Prerequisites + +- All standard [Prerequisites for Defender for Endpoint on Linux](mde-linux-prerequisites.md) must be satisfied. +- The custom installation directory and its entire tree must have at least `rwxr-xr-x` (755) permissions. +- Ensure adequate disk space in the target location (minimum 2 GB, more for high-performance workloads). +- The target file system must support standard Linux file operations and permissions. +- If SELinux is enabled, the `semanage` tool must be installed to set the correct file context for the custom installation path. + +### Supported Distributions and Feature Availability + +Custom path installation is supported on all [supported Linux distributions](mde-linux-prerequisites.md#supported-linux-distributions) for both x64 and ARM64 architectures. + +> **Note:** The custom installation path feature is available starting from version **101.25062.0003** of Microsoft Defender for Endpoint on Linux. + +## Steps for Installing to a Custom Path + +This section describes only the extra steps needed for custom path installation: + +- **Manual installation**: Perform the following additional setup steps before running the standard manual installation commands described in [linux-install-manually.md](linux-install-manually.md). +- **Installer script**: Add the `--install-path /your/custom/path` parameter. See [installer script deployment guide](linux-installer-script.md). + +### Manual Installation: Pre-Installation Setup + +If you need to manually install Microsoft Defender for Endpoint (MDE) to a custom (non-default) location, follow these additional steps before starting the standard installation process: + +1. **Set your custom path variable**: + + > [!NOTE] + > The custom path must be an absolute path (e.g., `/your/custom/path`). Relative paths are not supported. + + ```bash + export CUSTOM_PATH="/your/custom/path" + ``` + +2. **Create required directories and config file**: + ```bash + sudo mkdir -p "${CUSTOM_PATH}" + sudo mkdir -p /etc/opt/microsoft/mdatp + echo '{"install_path": "'${CUSTOM_PATH}'"}' | sudo tee /etc/opt/microsoft/mdatp/mde_path.json + ``` + +3. **Set permissions**: + ```bash + sudo chmod 755 "${CUSTOM_PATH}" + sudo chmod 644 /etc/opt/microsoft/mdatp/mde_path.json + ``` + +4. **Create symlink**: + ```bash + sudo ln -sf "${CUSTOM_PATH}/opt/microsoft/mdatp" /opt/microsoft/mdatp + ``` + +Then proceed with the standard installation steps for your distribution. + +## Upgrade and Maintenance + +Upgrades for MDE installed in a custom path work the same as standard installations—the installer automatically preserves your existing path and configuration. + +> [!IMPORTANT] +> Changing the installation path during an upgrade is not supported. If you need to change the installation path, you must first uninstall MDE and then reinstall it to the new location. + +## Frequently Asked Questions (FAQ) + +**Can I install MDE to any directory?** +Yes, as long as it’s an absolute path with at least 755 permissions and enough space (minimum 2 GB). + +**Can I change the MDE installation path after installation?** +No, you must uninstall and reinstall to use a different path. + +**How do I upgrade MDE in a custom path?** +Run the usual upgrade commands. Installation path stays unchanged. + +**Can I change the custom path during upgrade?** +No, installation path changes require a fresh install. + + +## See Also + +- [Prerequisites for Microsoft Defender for Endpoint on Linux](mde-linux-prerequisites.md) +- [Deploy Defender for Endpoint on Linux manually](linux-install-manually.md) +- [Use installer script based deployment to deploy Microsoft Defender for Endpoint on Linux](linux-installer-script.md) +- [Troubleshoot installation issues](linux-resources.md#log-installation-issues) +- [Configure Defender for Endpoint on Linux](linux-preferences.md) + +> [!TIP] +> Do you want to learn more? Engage with the Microsoft Security community in our Tech Community: [Microsoft Defender for Endpoint Tech Community](https://techcommunity.microsoft.com/category/microsoft-defender-for-endpoint/discussions/microsoftdefenderatp) From 68d2b31e3c73f26c2e94577ab1d7a35df86d54a4 Mon Sep 17 00:00:00 2001 From: Swapna Johnny <68843997+swapna-johnny@users.noreply.github.com> Date: Tue, 5 Aug 2025 10:29:02 +0530 Subject: [PATCH 10/13] Update linux-install-manually.md --- defender-endpoint/linux-install-manually.md | 43 ++------------------- 1 file changed, 3 insertions(+), 40 deletions(-) diff --git a/defender-endpoint/linux-install-manually.md b/defender-endpoint/linux-install-manually.md index b21f6b0356..3b52e1ad3f 100644 --- a/defender-endpoint/linux-install-manually.md +++ b/defender-endpoint/linux-install-manually.md @@ -55,6 +55,8 @@ A successful deployment requires the completion of all of the following tasks: Before you begin, see [Prerequisites for Defender for Endpoint on Linux](mde-linux-prerequisites.md) for a description of prerequisites and system requirements for the current software version. +For installation at a custom path, refer to [Prerequisites and system requirements for custom path installation](linux-custom-path-installation.md#prerequisites-and-system-requirements). + > [!WARNING] > Upgrading your operating system to a new major version after the product installation requires the product to be reinstalled. You need to [Uninstall](linux-resources.md#uninstall-defender-for-endpoint-on-linux) the existing Defender for Endpoint on Linux application, upgrade the operating system, and then reconfigure Defender for Endpoint on Linux following the steps in this article. @@ -261,46 +263,7 @@ In order to preview new features and provide early feedback, it's recommended th ## Pre Install Setup for Custom Path Installation These steps are applicable only if Defender is to be installed in a custom location. - -The custom installation path is denoted here as - -> [!NOTE] -> Only absolute custom installation path is supported - -1. Create the required directories for setup - ```bash - sudo mkdir -p - sudo mkdir -p /etc/opt/microsoft/mdatp - ``` - -2. Create the config json file `/etc/opt/microsoft/mdatp/mde_path.json`, specifying the custom installation path, in the mde config directory - - File Content: - ``` - {"path":""} - ``` - - For example, if the custom installation path is to be set as `/custom/microsoft_mdatp`, `/etc/opt/microsoft/mdatp/mde_path.json` will be created with the following content: - ``` - {"path":"/custom/microsoft_mdatp"} - ``` -3. Set required permissions - ``` - chmod 755 - chmod 644 /etc/opt/microsoft/mdatp - ``` - -4. Create a symlink to the installation location - ``` - mkdir -p /opt/microsoft - mkdir -p /opt/microsoft/mdatp - ln -sf /opt/microsoft/mdatp /opt/microsoft/mdatp - ``` - > [!NOTE] - > - > If you choose to skip creation of symlink, you can rely on the installer package to create the symlink for you, provided you have - - > 1. 1GB space in /opt or - > 2. You have managed the disk space check issue at your end +For detailed instructions on installing Microsoft Defender for Endpoint to a custom path, see [Manual installation: Pre-installation setup](linux-custom-path-installation.md#manual-installation-pre-installation-setup). ## Application installation From ae8ddae60f3b07c4a5e6fb9d93d0890751e024a3 Mon Sep 17 00:00:00 2001 From: Swapna Johnny <68843997+swapna-johnny@users.noreply.github.com> Date: Tue, 5 Aug 2025 10:36:13 +0530 Subject: [PATCH 11/13] Update linux-custom-path-installation.md --- defender-endpoint/linux-custom-path-installation.md | 2 -- 1 file changed, 2 deletions(-) diff --git a/defender-endpoint/linux-custom-path-installation.md b/defender-endpoint/linux-custom-path-installation.md index f7ddac0393..dd2d5666ca 100644 --- a/defender-endpoint/linux-custom-path-installation.md +++ b/defender-endpoint/linux-custom-path-installation.md @@ -45,8 +45,6 @@ By default, MDE installs to the standard system path (`/opt/microsoft/mdatp`). W Before deploying MDE to a custom path, ensure the following requirements are met: ### Prerequisites - -- All standard [Prerequisites for Defender for Endpoint on Linux](mde-linux-prerequisites.md) must be satisfied. - The custom installation directory and its entire tree must have at least `rwxr-xr-x` (755) permissions. - Ensure adequate disk space in the target location (minimum 2 GB, more for high-performance workloads). - The target file system must support standard Linux file operations and permissions. From 679c145616efa505c4776774990fe3712003dcce Mon Sep 17 00:00:00 2001 From: Swapna Johnny <68843997+swapna-johnny@users.noreply.github.com> Date: Tue, 5 Aug 2025 10:46:39 +0530 Subject: [PATCH 12/13] Update linux-installer-script.md --- defender-endpoint/linux-installer-script.md | 26 ++++++++------------- 1 file changed, 10 insertions(+), 16 deletions(-) diff --git a/defender-endpoint/linux-installer-script.md b/defender-endpoint/linux-installer-script.md index 24b6705cbc..453a30c7b8 100644 --- a/defender-endpoint/linux-installer-script.md +++ b/defender-endpoint/linux-installer-script.md @@ -80,20 +80,11 @@ Before you get started, see [Prerequisites for Defender for Endpoint on Linux](m 4. Execute the installer script and provide the onboarding package as a parameter to install the agent and onboard the device to the Defender portal. - 1. Default Path Installation - - The default installation location is `/` - ```bash - sudo ./mde_installer.sh --install --onboard ./MicrosoftDefenderATPOnboardingLinuxServer.py --channel prod --min_req - ``` - 3. Custom Path Installation - - For installation at a custom location, provide the custom installation path - , as a parameter. - ```bash - sudo ./mde_installer.sh --install --onboard ./MicrosoftDefenderATPOnboardingLinuxServer.py --channel prod --min_req --install-path - ``` - - These commands deploy the latest agent version to the production channel, check for min system requisites and onboard the device to Defender Portal. + ```bash + sudo ./mde_installer.sh --install --onboard ./MicrosoftDefenderATPOnboardingLinuxServer.py --channel prod --min_req + ``` + + This command deploys the latest agent version to the production channel, check for min system requisites and onboard the device to Defender Portal. Additionally you can pass more parameter based on your requirements to modify the installation. Check help for all the available options: @@ -136,12 +127,15 @@ Before you get started, see [Prerequisites for Defender for Endpoint on Linux](m |Upgrade to a specific agent version | `sudo ./mde_installer.sh --upgrade –-mdatp 101.24082.0004` | |Downgrade to a specific agent version | `sudo ./mde_installer.sh --downgrade –-mdatp 101.24082.0004` | |Uninstall agent | `sudo ./mde_installer.sh --remove` | - + |Install to a custom path location | `sudo ./mde_installer.sh --install --onboard ./MicrosoftDefenderATPOnboardingLinuxServer.py --channel prod --min_req --install-path /custom/path/location` | + + For details on installing to a custom path, refer: [Install Defender for Endpoint on Linux to a custom path](linux-custom-path-installation.md). + > [!NOTE] > > 1. Upgrading your operating system to a new major version after the product installation requires the product to be reinstalled. You need to uninstall the existing Defender for Endpoint on Linux, upgrade the operating system, and then reconfigure Defender for Endpoint on Linux. > - > 2. Installation path cannot be changed during upgrade. If MDE is installed in the default path, upgrading to a custom path is not supported. This will be considered as "migration", which is not supported. For migration, either from default to custom path or custom to default path, uninstall MDE. + > 2. The installation path can't be changed after Defender for Endpoint is installed. To use a different path, uninstall and reinstall the product at the new location. ## Verify deployment status From ef9e0b97bbcaa6488a4db3aa6c8681f559e2f641 Mon Sep 17 00:00:00 2001 From: Swapna Johnny <68843997+swapna-johnny@users.noreply.github.com> Date: Tue, 5 Aug 2025 10:51:23 +0530 Subject: [PATCH 13/13] Update linux-install-manually.md --- defender-endpoint/linux-install-manually.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/defender-endpoint/linux-install-manually.md b/defender-endpoint/linux-install-manually.md index 3b52e1ad3f..c753a305bb 100644 --- a/defender-endpoint/linux-install-manually.md +++ b/defender-endpoint/linux-install-manually.md @@ -55,8 +55,6 @@ A successful deployment requires the completion of all of the following tasks: Before you begin, see [Prerequisites for Defender for Endpoint on Linux](mde-linux-prerequisites.md) for a description of prerequisites and system requirements for the current software version. -For installation at a custom path, refer to [Prerequisites and system requirements for custom path installation](linux-custom-path-installation.md#prerequisites-and-system-requirements). - > [!WARNING] > Upgrading your operating system to a new major version after the product installation requires the product to be reinstalled. You need to [Uninstall](linux-resources.md#uninstall-defender-for-endpoint-on-linux) the existing Defender for Endpoint on Linux application, upgrade the operating system, and then reconfigure Defender for Endpoint on Linux following the steps in this article. @@ -265,6 +263,8 @@ In order to preview new features and provide early feedback, it's recommended th These steps are applicable only if Defender is to be installed in a custom location. For detailed instructions on installing Microsoft Defender for Endpoint to a custom path, see [Manual installation: Pre-installation setup](linux-custom-path-installation.md#manual-installation-pre-installation-setup). +For details on installing to a custom path, refer: [Install Defender for Endpoint on Linux to a custom path](linux-custom-path-installation.md). + ## Application installation Use the commands in the following sections to install Defender for Endpoint on your Linux distribution.