Description
Type list READ/WRITE
rungroups is a modifiable copy of the groups input variable. It specifies the full list of groups for pmlocad to use when initializing the runtime environment.
Example
if ( (user == "apache") && (command == "admin.cgi") )
{
rungroups={"admin","operators"};
}
Description
Type string READ/WRITE
runhost specifies the host on which the runcommand will run.
Example
If ( command == "runSimulation" )
{
runhost="sol34.test.com";
}
Description
Type integer READ/WRITE
runnice specifies the execution priority that pmlocald sets when initializing the runtime environment. (For more details, see the UNIX man pages for nice.)
Example
if ( timebetween(900,1630) )
{
runnice=010;
}
else
{
runnice=020;
}
Description
Type list READ/WRITE
A list of permitted paths for commands. If configured, the agent rejects a command if it is not run from one of these paths, even if the command is authorized by the policy.
Example
# allow commands only from the /bin, /sbin, /usr/bin, and /usr/sbin directories
runpaths={"/bin", "/sbin", "/usr/bin", "/usr/sbin"};