サポートと今すぐチャット
サポートとのチャット

Privilege Manager for Unix 7.3 - Administration Guide

Introducing Privilege Manager for Unix Planning Deployment Installation and Configuration Upgrade Privilege Manager for Unix System Administration Managing Security Policy The Privilege Manager for Unix Security Policy Advanced Privilege Manager for Unix Configuration Administering Log and Keystroke Files InTrust Plug-in for Privilege Manager for Unix Troubleshooting Privilege Manager for Unix Policy File Components Privilege Manager for Unix Variables
Variable names Variable scope Global input variables Global output variables Global event log variables PM settings variables
Privilege Manager for Unix Flow Control Statements Privilege Manager for Unix Built-in Functions and Procedures
Environment functions Hash table functions Input and output functions LDAP functions LDAP API example List functions Miscellaneous functions Password functions Remote access functions String functions User information functions Authentication Services functions
Privilege Manager for Unix programs Installation Packages

Automatic synchronization failed

Error

After a successful Git policy management configuration and automatic update interval setting, Syslog sends the error message:

pmgit: Failed to fetch <Git:_URL>.: Permission denied, please try again. <user>@<host>: Permission denied (publickey,password)
Cause

You have not configured Git for passwordless authentication.

Effect

Automatic synchronization between Git and SVN is not working because pmgit update cannot run in the background due to a password prompt.

Solution

Configure Git to allow Git operations from the policy server towards the remote repository.

Failed to push references to Git URL

Error

After export pmgit sends the error message:

# pmgit export --git-url <Git_URL>
Creating backup from SVN repository ...                             [ OK ]
Creating directory for local Git repository ...                     [ OK ]
Cloning SVN ...                                                     [ OK ]
Setting Git remote ...                                              [ OK ]
Push Git repository to remote ...                               [ ERROR ]
   To <Git_URL>
! [rejected]        <Git_branch> -> <Git_branch> (fetch first)
error: failed to push some refs to '<Git_URL>'
Cause

You tried to export to a Git repository which is not empty.

Effect

You are unable to export the policies to that Git repository.

Solution

Create an empty bare repository.

Example

This is an example for creating an empty bare Git repository from command line.

git init --bare <repo_name>.git

Privilege Manager for Unix Policy File Components

This appendix provides detailed information about the components that you use to construct the pmpolicyPrivilege Manager for Unix security policy file.

Lexical and syntactic productions

One Identity uses the following language standards to define the grammar of the policy scripting language used in Privilege Manager for Unix.

Table 25: Lexical productions
Production Description

<identifier>

::= [A-Za-z][A-Za-z0-9_]*

<number>

::= [0-9]+

<octalnumber>

::= 0[0-7]+

<hexnumber>

::= 0x[a-fA-F0-9]+

<realnumber>

::= <number> '.' <number>

<string>

::= \" <non-double-quote | backslashed-double-quote >* \"

| ' <non-single-quote | backslashed-single-quote >* '

<non-double-quote>

::= [^\"]

<backslashed-double-quote>

::= \\\"

<non-single-quote>

::= [^']

<backslashed-single-quote>

::= \\'

<comment>

::= <shell-style-comment> | <c-style-comment> | <cplusplus-style-comment>

<shell-style-comment>

::= '#' [^\n]*

<c-style-comment>

::= /\* [^\*/]* \*/

<cplusplus-style-comment>

::= // [^\n]*

Table 26: Syntactic productions
Production Description

Policy

::= { Statement | Procedure }

Procedure

::= ( 'procedure' | 'function' ) <identifier> '(' [Parameters] ')' BlockStatement

Parameters

::= Parameter {',' Parameter }

Parameter

::= <identifier> ['=' Expression]

Statements

::= Statement { Statement }

Statement

::= IfStatement | ForStatement | DoWhileStatement | WhileStatement | SwitchStatement | BreakStatement | ContinueStatement | ReturnStatement | AcceptStatement | RejectStatement | IncludeStatement | ReadOnlyStatement | ReadOnlyExceptStatement | ExpressionStatement | BlockStatement

IfStatement

::= 'if' '(' Expression ')' Statement [ 'else' Statement ]

WhileStatement

::= 'while' '(' Expression ')' Statement

DoWhileStatement

::= 'do' BlockStatement 'while' '(' Expression ')' ';'

ForStatement

::= 'for' '(' Expressions ';' Expression ';' [Expression] ')' Statement | 'for' '(' <identifier> 'in' Expression ')' Statement

SwitchStatement

::= 'switch' '(' Expression ')' '{' [Cases][Default] '}'

Cases

::= Case { Case }

Case

::= 'case' Expression ':' Statements

Default

::= 'default' Statements

BreakStatement

::= 'break' ';'

ContinueStatement

::= 'continue' ';'

ReturnStatement

::= 'return' [ Expression ] ';'

IncludeStatement

::= 'include' Expression ';'

AcceptStatement

::= 'accept' ';'

RejectStatement

::= 'reject' [ Expression ] ';'

ReadOnlyStatement

::= 'readonly' Expression ';'

ReadOnlyExceptStatement

::= 'readonlyexcept' Expression ';'

ExpressionStatement

::= Expression ';'

BlockStatement

::= '{' Statements '}'

Expressions

::= Expression {',' Expressions }

Expression

::= AssignmentExpression | ConditionalExpression

AssignmentExpression

::= PrimaryExpression { AssignmentOp Expression }

AssignmentOp

::= '=' | '+=' | '-=' | '*=' | '/='

ConditionalExpression

::= LogicalOrExpression [ '?' Expression ':' Expression ]

LogicalOrExpression

::= LogicalAndExpression { '||' LogicalAndExpression }

LogicalAndExpression

::= BitwiseOrExpression { '&&' BitwiseOrExpression }

BitwiseOrExpression

::= BitwiseAndExpression { '|' BitwiseAndExpression }

BitwiseAndExpression

::= EqualityExpression { '&' EqualityExpression }

EqualityExpression

::= RelationalExpression { EqualityOp RelationalExpression }

EqualityOp

::= '==' | '!=

RelationalExpression

::= AdditiveExpression { RelationalOp AdditiveExpression }

RelationalOp

::= '<' | '>' | '<=' | '>=' | 'in'

AdditiveExpression

::= MultiplicativeExpression { AdditiveOp MultiplicativeExpression }

AdditiveOp

::= '+' | '-'

MultiplicativeExpression

::= PrimaryExpression { MultiplicativeOp PrimaryExpression }

MultiplicativeOp

::= '*' | '/' | '%'

PrimaryExpression

::= PrefixAssignmentExpression | DesignatorExpression | LiteralExpression | '-' Expression | '!' Expression | 'typeof' Expression | 'defined' <identifier> | '(' Expression ')'

PrefixAssignmentExpression

::= PrefixOp <identifier>

PrefixOp

::= '++' | '--'

DesignatorExpression

::= <identifier> | <identifier> PostfixOp | <identifier> Arguments | <identifier> ListAccess { ListAccess }

PostfixOp

::= '++' | '--'

Arguments

::= '(' [Expressions] ')'

ListAccess

::= '[' Expression ']'

LiteralExpression

::= <string> | <number> | <hexnumber> | <octalnumber> | <realnumber> | ListLiteral

ListLiteral

::= '{' [Expressions] '}'

関連ドキュメント

The document was helpful.

評価を選択

I easily found the information I needed.

評価を選択