
Safeguard for Sudo 7.1.1 - Administration Guide


runcksum

Description

Type string READ/WRITE

If runcksum is defined, pmlocald verifies the value of this variable against the checksum of the runcommand and rejects the request if it does not match. Set this variable to the value produced by running the pmsum command on the agent with the full pathname of the runcommand.

You can use this method to detect a program that has been changed without authorization, or a program that a user is attempting to run from an unauthorized path.

Example
# Generate a checksum value for the program "/usr/bin/passwd" on the agent host1
# for use in the policy file on the policy server. 
pmsum /usr/bin/passwd 

# The pmsum command displays the output: 
fbc9cf01 /usr/bin/passwd 

# Update the security policy using this checksum: 

if (( basename(runcommand) == "passwd" ) && (host == "host1")) 
{ 
   runcksum="fbc9cf01"; 
}
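
Because pmlocald rejects the request when the checksum does not match, any change to a pinned program on the agent needs to be noticed and reconciled with the policy. The following is an added example, not code from this guide or from the product: it compares a file of pinned values with fresh pmsum output, both in the "checksum path" line shape shown above. The function name, the idea of keeping a pinned-values file, and every sample checksum except the passwd one are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not vendor code): report drift between pinned runcksum values
# and current pmsum output. Both inputs hold lines of the form "checksum path".
# Usage: runcksum_drift PINNED_FILE CURRENT_FILE
runcksum_drift() {
    awk '
        function parse(line) {             # sets globals ck and path
            sub(/^[ \t]+/, "", line)       # tolerate leading whitespace
            sub(/[ \t]+$/, "", line)       # pmsum output may end in a space
            ck = line;   sub(/[ \t].*$/, "", ck)
            path = line; sub(/^[^ \t]+[ \t]+/, "", path)   # path may hold spaces
        }
        /^[ \t]*(#|$)/ { next }            # skip comments and blank lines
        NF < 2         { next }            # skip lines without a path
        FILENAME == ARGV[1] { parse($0); pinned[path] = ck; next }
        {
            parse($0); seen[path] = 1
            if (!(path in pinned))
                printf "UNPINNED %s current=%s\n", path, ck
            else if (pinned[path] != ck)
                printf "MISMATCH %s pinned=%s current=%s\n", path, pinned[path], ck
        }
        END {
            for (p in pinned)
                if (!(p in seen)) printf "MISSING %s pinned=%s\n", p, pinned[p]
        }
    ' "$1" "$2" | LC_ALL=C sort
}

# Constructed sample data. The passwd line is the value from the example above;
# the other paths and checksums are made up for this demonstration.
demo() {
    d=$(mktemp -d) || return 1
    printf '%s\n' '# pinned on host1' \
        'fbc9cf01 /usr/bin/passwd' \
        '0a1b2c3d /usr/bin/chsh' \
        '11223344 /usr/sbin/visudo' > "$d/pinned"
    printf '%s\n' 'fbc9cf01 /usr/bin/passwd ' \
        'deadbeef /usr/bin/chsh' \
        '55667788 /usr/bin/newgrp' > "$d/current"
    runcksum_drift "$d/pinned" "$d/current"
    rm -rf "$d"
}
demo
```

A MISMATCH line means requests for that program will be rejected until the change is either confirmed as authorized and the policy value updated, or investigated as tampering.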