This appendix provides detailed information about the variables that may be present in event log entries:
See also Profile variables for additional information about policy profile variables.
Privilege Manager for Unix uses a number of predefined global variables and user-defined variables within the pmpolicy scripting language.
Here is some general information about user-defined variables:
All variables are global in scope unless declared from within a function or procedure.
If a variable is first declared in a function or procedure, it has local scope within that particular function or procedure and is deleted once the function or procedure returns.
gvar1="global"; procedure p1() { gvar1="changed in f1"; #gvar1 has global scope pvar1="local_to_p1"; #pvar1 is local to procedure p1() p2(); } procedure p2() { gvar1="changed in f2"; # gvar1 is still global print((defined pvar1? pvar1 : "undefined")); # this line prints "undefined" since # pvar1 is now out of scope }
The following predefined global variables are initialized from the submit-user’s environment.
Variable | Data type | Description |
---|---|---|
alertkeymatch | sting | The pattern matched by pmlocald. |
argc | integer | Number of arguments in the request. |
argv | list | List of arguments in the request. |
boolean |
Reflects the "-b" background argument of a pmrun call. | |
client_parent_pid | integer | Process ID of the client's parent process. |
client_parent_uid | integer | User ID associated with the client's parent process. |
client_parent_procname | string | Process name of a client's parent process. |
clienthost | string | Originating login host. |
command | string | Pathname of the request. |
cwd | string | Current working directory. |
date | string | Current date. |
day | integer | Current day of month as integer. |
dayname | string | Current day of the week. |
domainname | string | The Active Directory domain name for the submit user if Authentication Services is configured. |
env | list | List of submit user’s environment variables. |
false | integer | Constant value. |
FEATURE_LDAP | integer | Read-only constant used with feature_enabled() function. |
FEATURE_VAS | integer | Read-only constant used with feature_enabled() function. |
gid | integer | Group ID of the submitting user’s primary group on sudo host. |
group | string | Submit user’s primary group. |
groups | list | Submit user’s secondary groups. |
host | string | Host destined to run the request. |
hour | integer | Current hour. |
masterhost | sting | Host on which the master process is running. |
masterversion | string | Privilege Manager for Unix version of masterhost. |
minute | integer | Current minute. |
month | integer | Current month. |
nice | integer | nice value of the submit user’s login. |
nodename | string |
Hostname of pmrun agent. |
integer |
Contains the parameter for the last argument or empty string. | |
integer |
Determines whether to display errors from the getopt functions. | |
integer |
Contains the current argument list index. Use with getopt functions. | |
string |
Contains the letter of the last option that had an issue. Use with getopt functions. | |
boolean |
Restarts the getopt functions from the beginning. | |
boolean |
Lets getopt_long() recognize non-compliant argument parameter forms. | |
pid | integer | Process ID of the master process. |
pmclient_type | integer | The type of client that sent the request. |
pmclient_type_pmrun | integer | Read-only constant for pmrun type clients. |
pmclient_type_sudo | integer | Read-only constant for sudo type clients. |
pmshell | integer | Identifies a Privilege Manager for Unix shell program. |
pmshell_builtin | integer | A constant value that identifies a shell builtin command. |
pmshell_cmd | integer | Identifies a command run from a Privilege Manager for Unix shell program. |
pmshell_cmdtype | integer | Identifies type of a shell subcommand. |
pmshell_exe | integer | A constant value that identifies a normal executable command. |
pmshell_interpreter | integer | Identifies the program directive of a shell script. |
pmshell_prog | string | Name of the Privilege Manager for Unix shell program. |
pmshell_script | integer | A constant value that identifies a shell script. |
pmshell_uniqueid | string | uniqueid of the Privilege Manager for Unix shell program. |
pmversion | string | Privilege Manager for Unix version string of client. |
ptyflags | string | Identifies ptyflags of the request. |
requestlocal | integer | Indicates if the request is local. |
requestuser | string | User that the submit user wants to run the request. |
string |
Controls the maximum memory that is available to a process. | |
string |
Controls the maximum size of a core file. | |
string |
Controls the maximum size CPU time of a process. | |
string |
Controls the maximum size of data segment of a process. | |
string |
Controls the maximum size of a file. | |
string |
Control the maximum number of file locks for a process. | |
string |
Controls the maximum number of bytes of virtual memory that can be locked. | |
string |
Controls the maximum number of files a user may have open at a given time. | |
string |
Controls the maximum number of processes a user may run at a given time. | |
string |
Controls the maximum size of the resident set (number of virtual pages resident at a given time) of a process. | |
string |
Controls the maximum size of the process stack. | |
samaccount | string | The sAMAccountName for the submit user if Authentication Services is configured. |
integer |
Identifies whether a client is running an SELinux environment. | |
status | integer | Exit status of the most recent system command. |
submithost | string | Name of the submit host. |
submithostip | string | IP address of the submit host. |
thishost | string | The value of the thishost setting in pm.settings on the client. |
time | string | Current time of request. |
true | integer | Read-only constant with a value of 1. |
ttyname | string | ttyname of the submit request. |
string |
Name of the time zone on the server at the time the event was read from the event log by pmlog. | |
uid | integer | User ID of the submitting user on host. |
umask | integer | umask of the submit user. |
unameclient | list | Uname output on host. |
list |
Unameoutput on policy server host. | |
uniqueid | string | Uniquely identifies a request in the event log. |
use_rundir | string | Contains the value "!~!" and represents the runuser’s home directory on the runhost. |
use_rungroup | string | Contains the value "!g!" and represents the runuser’s primary group on the runhost. |
use_rungroups | string | Contains the value "!G!" and represents the runuser’s secondary group list on the runhost. |
use_runshell | string | Contains the value "!!!" and represents the runuser’s login shell on the runhost. |
user | string | Submit user. |
integer |
Year of the request (YY). |
© 2024 One Identity LLC. ALL RIGHTS RESERVED. Conditions d’utilisation Confidentialité Cookie Preference Center