Chat now with support
지원 담당자와 채팅

Privilege Manager for Sudo 6.1 Common Documents - Administration Guide

One Identity Privileged Access Suite for Unix Introducing Privilege Manager for Sudo Planning Deployment Installation and Configuration Upgrade Privilege Manager for Sudo System Administration Managing Security Policy Administering Log and Keystroke Files Troubleshooting Privilege Manager Variables Privilege Manager programs Installation Packages Unsupported Sudo Options Privilege Manager for Sudo Policy Evaluation

year

Description

Type integer READONLY

year contains the year in which the request was submitted in the format YY.

Related Topics

dayname

minute

hour

day

month

date

time

Global output variables

The following predefined global variables are initialized from the submit user's environment. They can be affected by the policy file.

Table 10: Global output variables
Variable Data Type Description
disable_exec integer Specifies whether to prevent the runcommand process from executing new processes.
eventlog string Pathname of the audit log.
iolog string Pathname of the keystroke log.
logstderr integer Specifies whether to keystroke log stderr messages.
logstdin integer Specifies whether to keystroke log stdin messages.
logstdout integer Specifies whether to keystroke log stdout messages.

disable_exec

Description

Type integer READ/WRITE

Use disable_exec to prevent the runcommand process from executing new UNIX processes. For example, you can prevent a vi session from executing shell commands. This variable is only supported if the underlying operating system supports the noexec feature; that is, Linux, Solaris, HPUX11, and AIX5.3. If set to true(1), Privilege Manager sets the LD_PRELOAD environment variable, which causes the runcommand to be loaded with a Privilege Manager library that overrides the system exec functions, and thus prevents the runcommand from using exec to create a new process.

eventlog

Description

Type string READ/WRITE

eventlog contains the full pathname of the file in which audit events are logged. The default pathname is /var/opt/quest/qpm4u/pmevents.db.

Related Topics

event

Event logging

관련 문서