Chat now with support
Chat mit Support

Privilege Manager for Unix 7.2.1 - Administration Guide

Introducing Privilege Manager for Unix Planning Deployment Installation and Configuration Upgrade Privilege Manager for Unix System Administration Managing Security Policy The Privilege Manager for Unix Security Policy Advanced Privilege Manager for Unix Configuration Administering Log and Keystroke Files InTrust Plug-in for Privilege Manager for Unix Troubleshooting Privilege Manager for Unix Policy File Components Privilege Manager for Unix Variables
Variable names Variable scope Global input variables Global output variables Global event log variables PM settings variables
Privilege Manager for Unix Flow Control Statements Privilege Manager for Unix Built-in Functions and Procedures
Environment functions Hash table functions Input and output functions LDAP functions LDAP API example List functions Miscellaneous functions Password functions Remote access functions String functions User information functions Authentication Services functions
Privilege Manager for Unix programs Installation Packages

rungroups

Description

Type list READ/WRITE

rungroups is a modifiable copy of the groups input variable. It specifies the full list of groups for pmlocad to use when initializing the runtime environment.

Example
if ( (user == "apache") && (command == "admin.cgi") ) 
{ 
   rungroups={"admin","operators"}; 
}
Related Topics

groups

group

rungroup

runhost

Description

Type string READ/WRITE

runhost specifies the host on which the runcommand will run.

Example
If ( command == "runSimulation" ) 
{ 
   runhost="sol34.test.com"; 
}
Related Topics

host

runnice

Description

Type integer READ/WRITE

runnice specifies the execution priority that pmlocald sets when initializing the runtime environment. (For more details, see the UNIX man pages for nice.)

Example
if ( timebetween(900,1630) ) 
{ 
   runnice=010; 
} 
   else 
{ 
   runnice=020; 
}
Related Topics

nice

runpaths

Description

Type list READ/WRITE

A list of permitted paths for commands. If configured, the agent rejects a command if it is not run from one of these paths, even if the command is authorized by the policy.

Example
# allow commands only from the /bin, /sbin, /usr/bin, and /usr/sbin directories 
runpaths={"/bin", "/sbin", "/usr/bin", "/usr/sbin"};
Verwandte Dokumente

The document was helpful.

Bewertung auswählen

I easily found the information I needed.

Bewertung auswählen