Tchater maintenant avec le support
Tchattez avec un ingénieur du support

Nous effectuons actuellement la maintenance de notre site Internet. Toute fonctionnalité nécessitant de se connecter est temporairement indisponible. Si vous avez un problème nécessitant une assistance immédiate, veuillez contacter l le support technnique.

Privilege Manager for Unix 7.2.3 - Administration Guide

Introducing Privilege Manager for Unix Planning Deployment Installation and Configuration Upgrade Privilege Manager for Unix System Administration Managing Security Policy The Privilege Manager for Unix Security Policy Advanced Privilege Manager for Unix Configuration Administering Log and Keystroke Files InTrust Plug-in for Privilege Manager for Unix Troubleshooting Privilege Manager for Unix Policy File Components Privilege Manager for Unix Variables
Variable names Variable scope Global input variables Global output variables Global event log variables PM settings variables
Privilege Manager for Unix Flow Control Statements Privilege Manager for Unix Built-in Functions and Procedures
Environment functions Hash table functions Input and output functions LDAP functions LDAP API example List functions Miscellaneous functions Password functions Remote access functions String functions User information functions Authentication Services functions
Privilege Manager for Unix programs Installation Packages

Automatic synchronization failed


After a successful Git policy management configuration and automatic update interval setting, Syslog sends the error message:

pmgit: Failed to fetch <Git:_URL>.: Permission denied, please try again. <user>@<host>: Permission denied (publickey,password)

You have not configured Git for passwordless authentication.


Automatic synchronization between Git and SVN is not working because pmgit update cannot run in the background due to a password prompt.


Configure Git to allow Git operations from the policy server towards the remote repository.

Failed to push references to Git URL


After export pmgit sends the error message:

# pmgit export --git-url <Git_URL>
Creating backup from SVN repository ...                             [ OK ]
Creating directory for local Git repository ...                     [ OK ]
Cloning SVN ...                                                     [ OK ]
Setting Git remote ...                                              [ OK ]
Push Git repository to remote ...                               [ ERROR ]
   To <Git_URL>
! [rejected]        <Git_branch> -> <Git_branch> (fetch first)
error: failed to push some refs to '<Git_URL>'

You tried to export to a Git repository which is not empty.


You are unable to export the policies to that Git repository.


Create an empty bare repository.


This is an example for creating an empty bare Git repository from command line.

git init --bare <repo_name>.git

Privilege Manager for Unix Policy File Components

This appendix provides detailed information about the components that you use to construct the pmpolicyPrivilege Manager for Unix security policy file.

Lexical and syntactic productions

One Identity uses the following language standards to define the grammar of the policy scripting language used in Privilege Manager for Unix.

Table 25: Lexical productions
Production Description
<identifier>  ::= [A-Za-z][A-Za-z0-9_]*
<number> ::= [0-9]+
<octalnumber> ::= 0[0-7]+
<hexnumber> ::= 0x[a-fA-F0-9]+
<realnumber> ::= <number> '.' <number>
<string> ::= \" <non-double-quote | backslashed-double-quote >* \"

| ' <non-single-quote | backslashed-single-quote >* '

<non-double-quote> ::= [^\"]
<backslashed-double-quote> ::= \\\"
<non-single-quote> ::= [^']
<backslashed-single-quote> ::= \\'
<comment> ::= <shell-style-comment> | <c-style-comment> | <cplusplus-style-comment>
<shell-style-comment> ::= '#' [^\n]*
<c-style-comment> ::= /\* [^\*/]* \*/


::= // [^\n]*

Table 26: Syntactic productions
Production Description
Policy ::= { Statement | Procedure }
Procedure ::= ( 'procedure' | 'function' ) <identifier> '(' [Parameters] ')' BlockStatement
Parameters ::= Parameter {',' Parameter }
Parameter ::= <identifier> ['=' Expression]
Statements ::= Statement { Statement }

::= IfStatement | ForStatement | DoWhileStatement | WhileStatement | SwitchStatement | BreakStatement | ContinueStatement | ReturnStatement | AcceptStatement | RejectStatement | IncludeStatement | ReadOnlyStatement | ReadOnlyExceptStatement | ExpressionStatement | BlockStatement

IfStatement ::= 'if' '(' Expression ')' Statement [ 'else' Statement ]
WhileStatement ::= 'while' '(' Expression ')' Statement
DoWhileStatement ::= 'do' BlockStatement 'while' '(' Expression ')' ';'

::= 'for' '(' Expressions ';' Expression ';' [Expression] ')' Statement | 'for' '(' <identifier> 'in' Expression ')' Statement

SwitchStatement ::= 'switch' '(' Expression ')' '{' [Cases][Default] '}'
Cases ::= Case { Case }
Case ::= 'case' Expression ':' Statements
Default ::= 'default' Statements
BreakStatement ::= 'break' ';'
ContinueStatement ::= 'continue' ';'
ReturnStatement ::= 'return' [ Expression ] ';'
IncludeStatement ::= 'include' Expression ';'
AcceptStatement ::= 'accept' ';'
RejectStatement ::= 'reject' [ Expression ] ';'
ReadOnlyStatement ::= 'readonly' Expression ';'
ReadOnlyExceptStatement ::= 'readonlyexcept' Expression ';'
ExpressionStatement ::= Expression ';'
BlockStatement ::= '{' Statements '}'
Expressions ::= Expression {',' Expressions }
Expression ::= AssignmentExpression | ConditionalExpression
AssignmentExpression ::= PrimaryExpression { AssignmentOp Expression }
AssignmentOp ::= '=' | '+=' | '-=' | '*=' | '/='
ConditionalExpression ::= LogicalOrExpression [ '?' Expression ':' Expression ]
LogicalOrExpression ::= LogicalAndExpression { '||' LogicalAndExpression }
LogicalAndExpression ::= BitwiseOrExpression { '&&' BitwiseOrExpression }
BitwiseOrExpression ::= BitwiseAndExpression { '|' BitwiseAndExpression }
BitwiseAndExpression ::= EqualityExpression { '&' EqualityExpression }
EqualityExpression ::= RelationalExpression { EqualityOp RelationalExpression }
EqualityOp ::= '==' | '!=
RelationalExpression ::= AdditiveExpression { RelationalOp AdditiveExpression }
RelationalOp ::= '<' | '>' | '<=' | '>=' | 'in'
AdditiveExpression ::= MultiplicativeExpression { AdditiveOp MultiplicativeExpression }
AdditiveOp ::= '+' | '-'
MultiplicativeExpression ::= PrimaryExpression { MultiplicativeOp PrimaryExpression }
MultiplicativeOp ::= '*' | '/' | '%'

::= PrefixAssignmentExpression | DesignatorExpression | LiteralExpression | '-' Expression | '!' Expression | 'typeof' Expression | 'defined' <identifier> | '(' Expression ')'

PrefixAssignmentExpression ::= PrefixOp <identifier>
PrefixOp ::= '++' | '--'

::= <identifier> | <identifier> PostfixOp | <identifier> Arguments | <identifier> ListAccess { ListAccess }

PostfixOp ::= '++' | '--'
Arguments ::= '(' [Expressions]  ')'
ListAccess ::= '[' Expression ']'
LiteralExpression ::= <string> | <number> | <hexnumber> | <octalnumber> | <realnumber> | ListLiteral


::= '{' [Expressions] '}'

Documents connexes

The document was helpful.

Sélectionner une évaluation

I easily found the information I needed.

Sélectionner une évaluation