Chatta subito con l'assistenza
Chat con il supporto

Privilege Manager for Unix 7.1 - Administration Guide

Introducing Privilege Manager for Unix Planning Deployment Installation and Configuration Upgrade Privilege Manager for Unix System Administration Managing Security Policy The Privilege Manager for Unix Security Policy Advanced Privilege Manager for Unix Configuration Administering Log and Keystroke Files InTrust Plug-in for Privilege Manager for Unix Troubleshooting Privilege Manager for Unix Policy File Components Privilege Manager for Unix Variables
Variable names Variable scope Global input variables Global output variables Global event log variables PM settings variables
Privilege Manager for Unix Flow Control Statements Privilege Manager for Unix Built-in Functions and Procedures
Environment functions Hash table functions Input and output functions LDAP functions LDAP API example List functions Miscellaneous functions Password functions Remote access functions String functions User information functions Authentication Services functions
Privilege Manager for Unix programs Installation Packages

client_parent_pid

Description

Type integer READONLY

Process ID of client's parent process.

Example
# only allow requests submitted from a login shell
# (parent process name starts with a dash) 
if (client_parent_procname[0] == "-") { 
   printf("process info -- name:[%s], pid[%d], uid[%d]\n" 
      client_parent_procname, client_parent_pid, client_parent_uid); 
   reject "only requests from login shells are allowed"; 
}

client_parent_uid

Description

Type integer READONLY

User ID associated with the client's parent process.

Example
# only allow requests submitted from a login shell 
# (parent process name starts with a dash) 
if (client_parent_procname[0] == "-") { 
   printf("process info -- name:[%s], pid[%d], uid[%d]\n" 
      client_parent_procname, client_parent_pid, client_parent_uid); 
   reject "only requests from login shells are allowed"; 
}

client_parent_procname

Description

Type string READONLY

Process name of a client's parent process.

Example
# only allow requests submitted from a login shell
# (parent process name starts with a dash) 
if (client_parent_procname[0] == "-") { 
   printf("process info -- name:[%s], pid[%d], uid[%d]\n" 
      client_parent_procname, client_parent_pid, client_parent_uid); 
   reject "only requests from login shells are allowed"; 
}

clienthost

Description

Type string READONLY

clienthost contains the host name/IP address of the requesting host. For a typical pmrun command, this will be identical to the submithost variable. For a Privilege Manager for Unix shell running as a login shell (for example, pmksh, pmcsh, pmsh, pmloginshell, and pmbash), this will contain the host name from which the user is logging in, which may not be a Privilege Manager for Unix host. For example, if the user logs in by means of a telnet session from a Windows PC, then the clienthost variable will contain the host name of the Windows PC. Always use short names when checking the clienthost variable, as some login programs may truncate the full host name.

Example
# reject commands being issued from unknown workstations 
workstations = {"sun34","sun35","sun36"}; 
if (!(clienthost in workstations)) 
   reject;
Related Documents

The document was helpful.

Seleziona valutazione

I easily found the information I needed.

Seleziona valutazione