pmtunneld [ [-v] | [-z on|off[:<pid>]] | [[-e <logfile>] [-s] ] ]
The pmtunneld command acts as a proxy for pmrun when pmlocald communicates with pmrun through a firewall.
Communication sent from pmlocald is transmitted using port number 12347, by default, and received by pmtunneld. pmtunneld then transmits the data to pmrun. See Configuring pmtunneld for details.
pmtunneld has the following options.
Option | Description |
---|---|
-e <logfile> |
Logs any tunnel proxy daemon errors in the file specified. |
-s |
Sends any tunnel proxy daemon errors to syslog. |
-v |
Displays the version number of Privilege Manager for Unix and exits. |
-z |
Enables or disables tracing for this program and optionally for a currently running process. Refer to Enabling program-level tracing before using this option. |
pmumacs /<full_path_name>
The pmumacs text editor is a special version of microemacs that you can use securely with Privilege Manager for Unix programs; it is similar to the umacs editor. umacs is a small version of emacs with gosling-style emacs key bindings. You must specify a full path name as an argument when starting pmumacs. Also, you will not be able to access any files other than the ones you specified at startup time nor spawn any processes.
Use pmumacs to allow users to access a specific file as root but no other root functions.
pmverifyprofilepolicy [-v | [-c][-z on|off[:<pid>]]] [-f <filename>] [-p <policydir>]
Use pmverifyprofilepolicy to verify the syntax and structure of the policy file and check whether a particular command will be accepted or rejected. The policy is assumed to match the format of the default profile policy; if it is not in the expected format, then it displays an error for each file that is missing or is not in the correct format.
pmverifyprofilepolicy has the following options.
Option | Description |
---|---|
-c |
Displays output in csv, rather than human-readable, format. The following line displays for each syntax error encountered: PMCHECKERROR,<filename>,<linenumber>,<error_description> The overall result displays in the following format: PMVERIFYPROFILERESULT,<result>,<description> where result can be: 0:success or -1:fail For each file expected to contain data only, it prints the following line to stdout for each statement found in the file that is not a comment or variable assignment: PMVERIFYPROFILECHECK,<filename>,<linenumber>,<description> For each file expected to be unchanged, it prints the following line to stdout: PMVERIFYPROFILENOMATCH,<filename>,<linenumber>,<description> |
-f <filename> | Provides an alternative policy filename to check. If not fully qualified, this path is interpreted as relative to the policydir, rather than to the current directory. |
-p <policydir> | Forces pmverifyprofilepolicy to search for a different policy directory for include files identified by relative path. The default location is the policydir setting in pm.setting. |
-v | Prints the Privilege Manager for Unix version and exits. |
-z |
Enables or disables debug tracing, and optionally sends SIGHUP to running process. Refer to Enabling program-level tracing before using this option. |
pmvi /<full_path_name>
The pmvi editor is a special version of vi that you can use securely with Privilege Manager for Unix programs. You must specify a full path name as an argument when starting pmvi. Also, you will not be able to access any files other than the ones you specified at startup time nor spawn any processes.
Use pmvi to allow users to access a specific file as root but no other root functions.
© 2024 One Identity LLC. ALL RIGHTS RESERVED. Nutzungsbedingungen Datenschutz Cookie Preference Center