This section describes each of the Privilege Manager for Unix programs and their options. The following table indicates which Privilege Manager for Unix component installs each program.
Name | Description | Server | Agent | Sudo |
---|---|---|---|---|
Verifies that the configured audit servers are accessible and configured properly and exchanges a "hello" message with the server. If the audit server is not accessible, stores the events and keystroke (IO) logs temporarily offline and sent to the audit server when it is available. |
X |
N/A |
N/A | |
Is a wrapper for the GNU Bourne Again SHell that provides transparent authorization and auditing for all commands submitted during the shell session. |
X |
X |
N/A | |
pmcheck |
Verifies the syntax of a policy file. |
X |
N/A |
X |
pmclientd |
The Privilege Manager for Unix Client daemon that listens on the configured policy server port and responds to a remote request. |
X |
X |
N/A |
pmclientinfo |
Displays configuration information about a client host. |
X |
X |
N/A |
pmcp |
Privilege Manager for Unix remote file copy command. |
X |
X |
N/A |
pmcsh |
Privilege Manager for Unix C Shell provides transparent authorization and auditing for all commands submitted during the shell session. |
X |
X |
N/A |
pmgit |
The pmgit utility is used to configure Git policy management for Privilege Manager for Unix. |
X |
X |
N/A |
pmincludecheck |
Used by pmsrvconfig script on the primary server only. When configuring a primary server in pmpolicy type, if you do not have a policy file to import into the repository, then pmincludecheck initializes the policy from the current set of default policy files provided in the installation. |
X |
N/A |
N/A |
pminfo |
Registers the local host with the Privilege Manager for Unix 5.5 policy server. Note that pminfo is obsolete as of version 5.6 and is included for backwards compatibility only. |
X |
X |
N/A |
pmjoin |
Configures a Privilege Manager for Unix agent to communicate with the servers in the group. |
X |
X |
N/A |
pmkey |
Generates and installs configurable certificates. |
X |
X |
X |
pmksh |
Privilege Manager for Unix K Shell provides transparent authorization and auditing for all commands submitted during the shell session. |
X |
X |
N/A |
pmless |
A terminal pager program that allows you to view (by not modify) the contents of a text file one screen at a time. |
X |
X |
N/A |
pmlicense |
Displays current license information and allows you to update a license (an expired one or a temporary one before it expires) or create a new one. |
X |
N/A |
N/A |
pmlist | Lists the commands that the user is permitted to run. |
X |
X |
N/A |
pmloadcheck |
Controls load balancing and failover for connections made from the host to the configured policy servers. |
X |
X |
N/A |
pmlocald |
The Privilege Manager for Unix Local daemon which runs programs when instructed to do so by the appropriate policy server daemon. |
X |
X |
N/A |
pmlog |
Displays entries in a Privilege Manager for Unix event log. |
X |
N/A |
N/A |
pmlogadm |
Manages encryption options on the event log. |
X |
N/A |
N/A |
pmlogsearch |
Searches all logs in a policy group based on specified criteria. |
X |
N/A |
N/A |
The Privilege Manager for Unix log access daemon, the service responsible for committing events to the Privilege Manager for Unix event log and managing the database storage used by the event log. |
X |
|
| |
pmmasterd |
The Privilege Manager for Unix Master daemon which examines each user request and either accepts or rejects it based upon information in the Privilege Manager configuration file. You can have multiple pmmasterd daemons on the network to avoid having a single point of failure. |
X |
N/A |
X |
pmmg |
A special version of an emacs text editor to use with Privilege Manager for Unix (gnu-style key bindings). |
X |
X |
N/A |
pmpasswd |
Generates an encrypted password which can be used in the configuration file. |
X |
N/A |
N/A |
pmpolicy |
A command-line utility for managing the Privilege Manager for Unix security policy. This utility checks out the current version, checks in an updated version, and reports on the repository. |
X |
N/A |
N/A |
pmpolicyconvert |
Utility that allows you to verify, and if necessary, convert any number of policy files for use with Privilege Manager for Unix V5.5 (or later). |
X |
N/A |
N/A |
pmpolsrvconfig |
Configures (or unconfigures) a primary or secondary policy server. Allows you to grant a user access to a repository. |
X |
N/A |
N/A |
pmremlog |
Provides a wrapper for the pmlog and pmreplay utilities to access the event (audit) and keystroke (I/O) logs on any server in the policy group. |
X |
N/A |
N/A |
pmreplay |
Replays an I/O log file allowing you to review what happened during a previous privileged session. |
X |
N/A |
N/A |
pmresolvehost |
Verifies the host name or IP resolution for the local host or a selected host. |
X |
X |
X |
pmrun |
Allows a user to run a command from their local machine as root. The policy server daemon, pmmasterd, examines each request from pmrun, and either accepts or rejects it based upon the policies specified in the policy file. |
X |
X |
N/A |
Allows Privilege Manager for Unix to launch the remote scp daemons. |
X |
N/A |
N/A | |
pmserviced |
The Privilege Manager for Unix Service daemon listens on the configured ports for incoming connections for the Privilege Manager for Unix daemons. pmserviced uses options in pm.settings to determine the daemons to run, the ports to use, and the command line options to use for each daemon. |
X |
X |
X |
pmsh |
Privilege Manager for Unix Bourne Shell that provides transparent authorization and auditing for all commands submitted during the shell session. |
X |
X |
N/A |
pmshellwrapper |
A wrapper for any valid login shell on a host. |
X |
X |
N/A |
pmsrvcheck |
Checks the Privilege Manager for Unix policy server configuration to ensure it is setup properly. |
X |
N/A |
N/A |
pmsrvconfig |
Configures a primary or secondary policy server. |
X |
N/A |
N/A |
pmsrvinfo | Verifies the policy server configuration. |
X |
N/A |
N/A |
pmstatus |
Verifies connectivity between Privilege Manager for Unix and the pmlocald and pmmasterd daemons on the specified hosts. |
X |
X |
N/A |
pmsum |
Generates a simple checksum of a binary. |
X |
N/A |
N/A |
pmsysid |
Displays the Privilege Manager for Unix system ID. |
X |
X |
X |
pmtunneld |
The Privilege Manager for Unix Tunnel daemon that acts as a proxy for pmrun when pmlocald communicates with pmrun through a firewall. |
X |
X |
N/A |
pmumacs |
A special version of a microemacs text editor to use with Privilege Manager for Unix (gosling-style key bindings). |
X |
X |
N/A |
pmverifyprofilepolicy |
Verifies the syntax and structure of the policy file and checks whether a particular command will be accepted or rejected. |
X |
N/A |
N/A |
Allows users to access a specific file as root but no other root functions. |
|
|
|