サポートと今すぐチャット
サポートとのチャット

Privilege Manager for Unix 7.3 - Administration Guide

Introducing Privilege Manager for Unix Planning Deployment Installation and Configuration Upgrade Privilege Manager for Unix System Administration Managing Security Policy The Privilege Manager for Unix Security Policy Advanced Privilege Manager for Unix Configuration Administering Log and Keystroke Files InTrust Plug-in for Privilege Manager for Unix Troubleshooting Privilege Manager for Unix Policy File Components Privilege Manager for Unix Variables
Variable names Variable scope Global input variables Global output variables Global event log variables PM settings variables
Privilege Manager for Unix Flow Control Statements Privilege Manager for Unix Built-in Functions and Procedures
Environment functions Hash table functions Input and output functions LDAP functions LDAP API example List functions Miscellaneous functions Password functions Remote access functions String functions User information functions Authentication Services functions
Privilege Manager for Unix programs Installation Packages

splitSubst

Syntax
list splitsubst( string X, string delimiter )
Description

The splitsubst function splits a string X into a list. This function is similar to the split function except that the delimiter contains the entire delimiter string.

Example

The following example returns the list: "john","jane,james"

a = splitsubst( "john,,jane,james", ",," )
Related Topics

split

Miscellaneous functions

These are the built-in miscellaneous functions available to use within the pmpolicy file.

Table 40: Miscellaneous functions
Name Description

atoi

Translate a string representation of an integer to an integer.

authenticate_pam

Authenticate a user on the primary policy server.

authenticate_pam_toclient

Authenticate a user on the client.

basename

Return the filename portion of a path.

comparehosts

Check whether a host string matches a host definition.

datecmp

Compare two date strings.

dirname

Return the directory name portion of a path

feature_enabled

Determine whether a feature is supported on the policy server

fileexists, access

Check whether a file or path exists on the policy server.

getopt

Examine a list of arguments for short options to break up command lines for easier parsing.

getopt_long

Examine a list of arguments for short or long options to break up command lines for easier parsing.

getopt_long

Examine a list of arguments for only long options to break up command lines for easier parsing.

glob

Match a string to a pattern.

ingroup

Check whether a host is in the specified UNIX group on the policy server.

innetgroup

Check whether a user is in the specified NIS netgroup on the policy server.

innetuser, inusernetgroup

Check whether a user is in the NIS netgroup or specified netgroup on the policy server.

lineno

Return the current line number in the policy file.

mktemp

Create a temporary file. Same as mktemp system.

osname

Return a string representation of the operating system.

quote

Quote a string.

rand

Generate a random number.

stat

Obtain information about a file on the policy server.

strftime

Format the current date/time as a string.

system

Run a program on the policy server.

timebetween

Check whether a given time is between two times.

tolower

Convert string to lower case.

toupper

Convert string to upper case.

uname

Return system information on the policy server; output of uname system command line.

atoi

Syntax
int atoi ( string nptr )
Description

atoi converts the string representation of a decimal integer to an integer. If the string does not contain a number, it produces a syntax error and rejects the session.

This function returns the converted integer.

Example
x=atoi("123"); 
printf("%d\n", x);

Returns: 123

Related Topics

insert

join

authenticate_pam

Syntax
int authenticate_pam ( string user [, string service] )
Description

The authenticate_pam function authenticates a user by means of the PAM (Pluggable Authentication Method) APIs on the policy servers.

For more information on how to configure PAM, consult the documentation for your platform.

The service parameter identifies the name of the PAM service to use to authenticate the user. This can be any valid service name configured in the PAM system configuration. It defaults to the PAM service "login".

This function returns 0 to indicate failure and 1 to indicate success.

Example
if (user=="paul" && basename(command)=="useradd") 
{ 
   if (!authenticate_pam(user, "sshd")) 
   { 
      reject; 
   } 
   runuser="root"; 
   accept; 
}
Related Topics

authenticate_pam_toclient

Utilizing PAM authentication

関連ドキュメント

The document was helpful.

評価を選択

I easily found the information I needed.

評価を選択