Chat now with support
Chat mit Support

Safeguard for Sudo 7.3 - Administration Guide

Introducing Safeguard for Sudo Planning Deployment Installation and Configuration Upgrade Safeguard for Sudo System Administration Managing Security Policy Administering Log and Keystroke Files Supported sudo plugins Troubleshooting Safeguard for Sudo Variables Safeguard for Sudo programs Installation Packages Supported Sudoers directives Unsupported Sudo Options Safeguard for Sudo Policy Evaluation

pmgit export

This subcommand exports the current policies from the SVN policy repository to a Git policy repository, and has the following arguments:

--git-url

Alias

-g

Type

string

Value

<git-policy-repository-url>

Default

N/A

Description: Sets the URL of the Git policy repository. The policy repository must be an empty bare repository, or Git will reject the operation.

Syntax

--git-url <git-policy-repository-url>
--branch

Alias

-b

Type:

string

Values:

<branch-of-policy-files>

Default:

master

Description: Sets the Git branch where the policy files are stored. If this argument is not specified, policies are exported to the default branch (master).

Syntax

--branch <branch-of-policy-files>
Example for exporting an SVN policy repository

In this example, the SVN policy repository is exported to the exported_policies.git Git policy repository. The URL to the Git policy repository is https://github.com/user/exported_policies.git, and the policies are exported to the main branch.

pmgit export --git-url https://github.com/user/exported_policies.git --branch main

pmgit Import

This subcommand imports policies from an existing Git policy repository and commits the files on top of the trunk in the SVN policy repository.

--git-url

Alias

-g

Type

string

Value

<git-policy-repository-url>

Default

N/A

Description: Sets the URL of the Git policy repository. The policy repository must be an existing repository, containing the policy files.

Syntax

--git-url <git-policy-repository-url>
--branch

Alias

-b

Type:

string

Values:

<branch-of-policy-files>

Default:

master

Description: Sets the Git branch where the policy files are stored. If this argument is not provided, policies are imported from the default branch (master).

Syntax

--branch <branch-of-policy-files>
Examples

In this example, an existing Git policy repository is imported from the URL https://github.com/user/exported_policies.git. The branch in this example is not specified by an argument, so the policies are imported from default (master) branch.

pmgit import --git-url https://github.com/user/policies_to_import.git

pmgit Enable

This subcommand enables Git policy management. You can no longer edit policies on the policy server.

--export

Alias

-e

Type

string

Value

N/A

Default

N/A

Description: Before enabling Git policy management, policies are exported from SVN to an empty Git policy repository. This option cannot be used in conjunction with the -m (--import) option.

Syntax

--export
--import

Alias

-m

Type

string

Value

N/A

Default

N/A

Description: Before enabling Git policy management, policies are imported from an existing Git policy repository. This option cannot be used used in conjunction with the -e (--export) option.

Syntax

--import
--git-url

Alias

-g

Type

string

Value

<git-policy-repository-url>

Default

N/A

Description: Sets the URL of the Git policy repository. This option only has an effect when used in conjunction with the -e (--export) or -m (--import) options.

Syntax

--git-url <git-policy-repository-url>
--branch

Alias

-b

Type:

string

Values:

<branch-of-policy-files>

Default:

master

Description: Sets the Git branch where the policy files are stored. If this argument is not set, the default branch (master) will be used. This option only has an effect when used in conjunction with the -e (--export) or -m (--import) options.

Syntax

--branch <branch-of-policy-files>
--update-interval

Alias

-u

Type:

integer

Values:

0-60 (minutes)

Default:

5 (minutes)

Description: Sets the synchronization interval between Git and SVN. This value must be in the [0-60] minutes interval. If this argument is not set, the default value (5 minutes) will be used. If this argument is set to 0, periodic updates will be disabled. For manual update, run the pmgit update command.

Syntax

--update-interval <[0-60]>
--alert-script

Alias

-a

Type:

string

Values:

<path-to-script>

Default:

N/A

Description: Sets the path to a user-defined script which is run when the synchronization from Git to SVN fails due to syntax errors. This option only has an effect when used in conjunction with the -e (--export) or -m (--import) options.

Syntax

--alert-script <path-to-script>
Examples

In this example, the Git policy management is enabled, the SVN repository is exported to an empty Git policy repository, which has the URL https://github.com/user/exported_policies.git. The name of the branch is main, the update interval is set to 60 minutes, and the path to the alert script is /path/to/script.

pmgit enable
pmgit enable -e -g https://github.com/user/exported_policies.git -b main -u 60 -a /path/to/script

pmgit Disable

This subcommand disables Git policy management. Policies can be managed on the policy servers with the pmpolicy command.

--restore

Alias

-r

Type:

string

Values:

<name-of-backup-file>

Default:

N/A

Description: When Git policy management is disabled, the SVN policy repository is restored from a previously created backup file.

Syntax

--restore <name-of-backup-file>
Examples

In this example, the Git policy management is disabled, and the repository is restored from a previously created backup file.

pmgit disable
pmgit disable --restore sudoers_policy_202101011000.tar
Verwandte Dokumente

The document was helpful.

Bewertung auswählen

I easily found the information I needed.

Bewertung auswählen