Converse agora com nosso suporte
Chat com o suporte

Privilege Manager for Unix 7.2.3 - Administration Guide

Introducing Privilege Manager for Unix Planning Deployment Installation and Configuration Upgrade Privilege Manager for Unix System Administration Managing Security Policy The Privilege Manager for Unix Security Policy Advanced Privilege Manager for Unix Configuration Administering Log and Keystroke Files InTrust Plug-in for Privilege Manager for Unix Troubleshooting Privilege Manager for Unix Policy File Components Privilege Manager for Unix Variables
Variable names Variable scope Global input variables Global output variables Global event log variables PM settings variables
Privilege Manager for Unix Flow Control Statements Privilege Manager for Unix Built-in Functions and Procedures
Environment functions Hash table functions Input and output functions LDAP functions LDAP API example List functions Miscellaneous functions Password functions Remote access functions String functions User information functions Authentication Services functions
Privilege Manager for Unix programs Installation Packages

profile_use_runuser

Description

Type string READ/WRITE

The environment in which the runcommand runs is normally initialized from the submitting user's environment (that is, the env variable). To direct the pmlocald daemon to initialize the runtime environment using the runuser's environment on the agent instead, set profile_use_runuser to true. The default value is false.

Note that profile_use_runuser causes the runuser's dotfiles to run without an associated tty. The dotfiles (that is, .profile) should test for the existence of a tty (if `tty -s`) before a command runs that relies on a tty (for example, "who am i", "tset", "stty").

Example
if (defined pmshell) 
{ 
   profile_use_runuser=true; 
}

rejectmsg

Description

Type string READ/WRITE

rejectmsg contains the message that displays when a request is rejected.

Example
rejectmsg= "You are not permitted to run this command";

runargv

Description

Type list READ/WRITE

runargv specifies the complete argument list for the session. This variable is initialized from the value of the incoming argv variable.

Example
# Setting the runargv in the policy file can be used to add additional 
# command line arguments to programs 
if (command == "runTest") 
{ 
   runargv=replace(runargv,1,length(runargv)); 
   runargv=append(runargv, "-u", user }; 
}
Related Topics

argv

runbkgd

Description

Type boolean WRITABLE

runbkgd determines whether a command is run in the background. If set to True, the command will ignore the SIGHUP (hangup) signal. This variable is initialized from the value of the incoming variable bkgd.

This variable does not affect commands run via sudo.

Documentos relacionados

The document was helpful.

Selecione a classificação

I easily found the information I needed.

Selecione a classificação