サポートと今すぐチャット
サポートとのチャット

Privilege Manager for Unix 7.3 - Administration Guide

Introducing Privilege Manager for Unix Planning Deployment Installation and Configuration Upgrade Privilege Manager for Unix System Administration Managing Security Policy The Privilege Manager for Unix Security Policy Advanced Privilege Manager for Unix Configuration Administering Log and Keystroke Files InTrust Plug-in for Privilege Manager for Unix Troubleshooting Privilege Manager for Unix Policy File Components Privilege Manager for Unix Variables
Variable names Variable scope Global input variables Global output variables Global event log variables PM settings variables
Privilege Manager for Unix Flow Control Statements Privilege Manager for Unix Built-in Functions and Procedures
Environment functions Hash table functions Input and output functions LDAP functions LDAP API example List functions Miscellaneous functions Password functions Remote access functions String functions User information functions Authentication Services functions
Privilege Manager for Unix programs Installation Packages

pmsum

Syntax
pmsum /<full_path_name>
Description

Use pmsum to generate a checksum of the named file. The output it produces can be used in a policy with the runcksum variable. If the requested binary/command does not match the checksum, it rejects the command.

Options

pmsum has the following options.

Table 91: Options: pmsum
Option Description

-v

Prints the version number of Privilege Manager for Unix and exits.

Examples
# pmsum /bin/ls 
5591e026 /bin/ls
Related Topics

runcksum

pmsysid

Syntax
pmsysid [-i] | -v
Description

The pmsysid command displays the Privilege Manager for Unix system ID.

Options

pmsysid has the following options.

Table 92: Options: pmsysid
Option Description

-i

Shows the system host name and IP address.

-v

Displays the Privilege Manager for Unix version and exits.

pmtunneld

Syntax
pmtunneld [ [-v] | [-z on|off[:<pid>]] | [[-e <logfile>] [-s] ] ]
Description

The pmtunneld command acts as a proxy for pmrun when pmlocald communicates with pmrun through a firewall.

Communication sent from pmlocald is transmitted using port number 12347, by default, and received by pmtunneld. pmtunneld then transmits the data to pmrun. For more details, see Configuring pmtunneld.

Options

pmtunneld has the following options.

Table 93: Options: pmtunneld
Option Description

-e <logfile>

Logs any tunnel proxy daemon errors in the file specified.

-s

Sends any tunnel proxy daemon errors to syslog.

-v

Displays the version number of Privilege Manager for Unix and exits.

-z

Enables or disables tracing for this program and optionally for a currently running process.

Before using this option, see Enabling program-level tracing.

pmumacs

Syntax
pmumacs /<full_path_name>
Description

The pmumacs text editor is a special version of microemacs that you can use securely with Privilege Manager for Unix programs; it is similar to the umacs editor. umacs is a small version of emacs with gosling-style emacs key bindings. You must specify a full path name as an argument when starting pmumacs. Also, you will not be able to access any files other than the ones you specified at startup time nor spawn any processes.

Use pmumacs to allow users to access a specific file as root but no other root functions.

関連ドキュメント

The document was helpful.

評価を選択

I easily found the information I needed.

評価を選択