--- title: "Fresh Install Polarity Server v5 with Podman" slug: "polarity-server-v5-fresh-install-podman" description: "Step-by-step guide to deploy Polarity Server v5 using Podman as a Docker alternative. Learn container setup, initial configuration, and deployment best practices for a fresh installation." updated: 2026-03-26T21:46:13Z published: 2026-03-26T21:46:13Z stale: true --- > ## Documentation Index > Fetch the complete documentation index at: https://knowledge.threatconnect.com/llms.txt > Use this file to discover all available pages before exploring further. # Fresh Install (Podman) ## Given: - A Linux Server - Access to install standard software from repositories - A valid Polarity License - The Polarity Server install script ## Procedure: **Enterprise Linux variants** 1. **Install prerequisite software:** 1. ***Includes the following software:*** 1. `epel-release` 2. `podman` 3. `podman-compose` 4. `jq` 5. `postgresql` 6. `wget` 7. `container-selinux` 8. `policycoreutils-python-utils` 9. `python3-dotenv` 2. **Commands:** 1. ```bash # Install and update the EPEL repository sudo dnf install epel-release -y sudo dnf update -y # Ensure PostgreSQL module version is up to date sudo dnf module enable postgresql:16 -y # Install the prerequisite software sudo dnf install -y \ podman \ podman-compose \ jq \ postgresql \ wget \ container-selinux \ policycoreutils-python-utils \ python3-dotenv ``` 2. **Add the desired user to own the Polarity Server container processes:** 1. We use the `polarityd` user with UID:GID `31337:31337` by default. 2. ```bash # Add the user to the system sudo useradd -u 31337 -U -m -d /app -s /bin/bash polarityd # Set the new user's password sudo passwd polarityd # Set user's ownership over home directory sudo chown -R polarityd: /app ``` 3. **Allow Polarity Server process owner to maintain ownership without an active session:** 1. `sudo loginctl enable-linger 31337` 4. **Add the Polarity Server process owner to the**`wheel`**group:** 1. ```bash # Verify polarityd's current group membership sudo groups polarityd ## example output - "polarityd: polarityd" # IF polarityd is NOT in the wheel group, add them sudo groupmod -a -U polarityd wheel # Re-verify polarityd's group membership sudo groups polarityd ## example output - "polarityd: polarityd wheel" ``` 5. **Download the Polarity Server installation script and execute it (as the process owner):** 1. **Switch user to the Polarity Server process owner:** 1. `sudo su - polarityd` 2. Script may have a filename in the format `install-<web.version>-<server.version>-offline-selfextract.sh`. 1. `wget https://<download.url>/install-5.5.0-5.5.1-offline-selfextract.sh` 2. ***You can get the URL from your Customer Success team.*** 3. **Make the script executable:** 1. `chmod u+x ./install-5.5.0-5.5.1-offline-selfextract.sh` 4. ***Add your Polarity License file to the same directory as the install script.*** 5. **Execute the script with**`sudo`**.** 1. `sudo ./install-5.5.0-5.5.1-offline-selfextract.sh` 6. ***If Docker is installed, the script will automatically choose Docker as the container engine. To force the script to use Podman instead, prepend execution with***`CONTAINER_ENGINE=podman`***:*** 1. `sudo CONTAINER_ENGINE=podman ./install-5.5.0-5.5.1-offline-selfextract.sh` > [!WARNING] > **Installation will fail if your Polarity License file is not in the same directory as the installation script.** **Debian Linux variants** 1. **Install prerequisite software:** 1. ***Includes the following software:*** 1. `podman` 2. `podman-compose` 3. `jq` 4. `postgresql-client` 5. `wget` 6. `uidmap` 7. `rootlesskit` 8. `slirp4netns` 2. **Commands:** 1. ```bash # Ensure repositories are up to date sudo apt-get update # Install the prerequisite software sudo apt-get install -y \ podman \ podman-compose \ jq \ postgresql-client \ wget \ uidmap \ rootlesskit \ slirp4netns ``` 2. **Add the desired user to own the Polarity Server container processes:** 1. We use the `polarityd` user, with UID:GID `31337:31337` by default. 1. ```bash # Add the user to the system sudo useradd -u 31337 -U -m -d /app -s /bin/bash polarityd # Set the new user's password sudo passwd polarityd # Set user's ownership over home directory sudo chown -R polarityd: /app ``` 3. **Prepare the Polarity Server process owner to execute the installation script:** 1. **Allow Polarity Server process owner to maintain ownership without an active session:** 1. `sudo loginctl enable-linger 31337` 2. **Add the Polarity Server process owner to the**`adm`**and**`sudo`**groups:** 1. ```bash # Verify polarityd's current group membership sudo groups polarityd ## example output - "polarityd: polarityd" # IF polarityd is NOT in the adm and sudo groups, add them sudo groupmod -a -U polarityd adm sudo groupmod -a -U polarityd sudo # Re-verify polarityd's group membership sudo groups polarityd ## example output - "polarityd: polarityd adm sudo" ``` 4. **Download the Polarity Server installation script and execute it (as the process owner):** 1. **Switch user to the Polarity Server process owner:** 1. `sudo su - polarityd` 2. Script may have a filename in the format `install-<web.version>-<server.version>-offline-selfextract.sh` (or similar). 1. `wget https://<download.url>/install-5.5.0-5.5.1-offline-selfextract.sh` 2. ***You can get the URL from your Customer Success team.*** 3. **Make the script executable:** 1. `chmod u+x ./install-5.5.0-5.5.1-offline-selfextract.sh` 4. ***Add your Polarity license file to the same directory as the install script.*** 5. **Execute the script as the process owner (ie. do not use**`sudo`**):** 1. `./install-5.5.0-5.5.1-offline-selfextract.sh` 2. ***You may be prompted a few times for the process owner’s password (to make system changes, etc.).*** 6. ***If Docker is installed, the script will automatically choose Docker as the container engine.****To force the script to use Podman instead, prepend execution with*`CONTAINER_ENGINE=podman`*:* 1. `CONTAINER_ENGINE=podman ./install-5.5.0-5.5.1-offline-selfextract.sh` > [!WARNING] > **Installation will fail if your Polarity License file is not in the same directory as the installation script.**