Description
Type list READ/WRITE
A list of permitted paths for commands. If configured, the agent rejects a command if it is not run from one of these paths, even if the command is authorized by the policy.
Example
# allow commands only from the /bin, /sbin, /usr/bin, and /usr/sbin directories
runpaths={"/bin", "/sbin", "/usr/bin", "/usr/sbin"};
Description
Type string READ/WRITE
runptyflags is a modifiable copy of the ptyflags input variable. Use it to close stdin to prevent stdin on the runtime environment.
Example
if ( basename(runcommand) == "appl_home")
{
# close stdin and prevent the user from providing any input
# for a command that is only intended to be run in batch mode.
runptyflags &= | 0x1;
}
Description
Type string WRITABLE
runrlimit_as is a modifiable copy of the rlimit_as input variable. It controls the maximum memory that is available to a process.
Description
Type string WRITABLE
runrlimit_core is a modifiable copy of the rlimit_core input variable. It controls the maximum size of a core file.