サポートと今すぐチャット
サポートとのチャット

Privilege Manager for Unix 7.3 - Administration Guide

Introducing Privilege Manager for Unix Planning Deployment Installation and Configuration Upgrade Privilege Manager for Unix System Administration Managing Security Policy The Privilege Manager for Unix Security Policy Advanced Privilege Manager for Unix Configuration Administering Log and Keystroke Files InTrust Plug-in for Privilege Manager for Unix Troubleshooting Privilege Manager for Unix Policy File Components Privilege Manager for Unix Variables
Variable names Variable scope Global input variables Global output variables Global event log variables PM settings variables
Privilege Manager for Unix Flow Control Statements Privilege Manager for Unix Built-in Functions and Procedures
Environment functions Hash table functions Input and output functions LDAP functions LDAP API example List functions Miscellaneous functions Password functions Remote access functions String functions User information functions Authentication Services functions
Privilege Manager for Unix programs Installation Packages

argv

Description

Type list READONLY

argv is a list of the arguments supplied for the original command, including the command itself. For example, if the original command is pmrun ls -al, then argv is set to {"ls","-al"}.

Example
# if any arguments are passed to an editor program, like vi
# then verify the path is not in a list of forbidden directories 
if ((basename(command) in vi_program_list) && (argc > 1)) 
{ 
   count=0; 
   while (count < length(forbid_dir_list)) 
   { 
      if (glob(forbid_dir_list[count], dirname(argv[1]))) 
      { 
         reject "You are not allowed to edit a file in this directory"; 
      } 
      count=count+1; 
   } 
}
Related Topics

argc

bkgd

Description

Type boolean READONLY

bkgd reflects the "-b" background argument of a pmrun call. If the user requested the background mode, it is set to 1.

To change whether the call runs in the background, set the runbkgd variable.

client_parent_pid

Description

Type integer READONLY

Process ID of client's parent process.

Example
# only allow requests submitted from a login shell
# (parent process name starts with a dash) 
if (client_parent_procname[0] == "-") { 
   printf("process info -- name:[%s], pid[%d], uid[%d]\n" 
      client_parent_procname, client_parent_pid, client_parent_uid); 
   reject "only requests from login shells are allowed"; 
}
Related Topics

client_parent_uid

client_parent_procname

client_parent_uid

Description

Type integer READONLY

User ID associated with the client's parent process.

Example
# only allow requests submitted from a login shell 
# (parent process name starts with a dash) 
if (client_parent_procname[0] == "-") { 
   printf("process info -- name:[%s], pid[%d], uid[%d]\n" 
      client_parent_procname, client_parent_pid, client_parent_uid); 
   reject "only requests from login shells are allowed"; 
}
Related Topics

client_parent_pid

client_parent_procname

関連ドキュメント

The document was helpful.

評価を選択

I easily found the information I needed.

評価を選択