Chat now with support
Chat with Support

Privilege Manager for Unix 7.0 - Administration Guide

Introducing Privilege Manager for Unix Planning Deployment Installation and Configuration Upgrade Privilege Manager for Unix System Administration Managing Security Policy The Privilege Manager for Unix Security Policy Advanced Privilege Manager for Unix Configuration Administering Log and Keystroke Files InTrust Plug-in for Privilege Manager for Unix Troubleshooting Privilege Manager for Unix Policy File Components Privilege Manager for Unix Variables
Variable names Variable scope Global input variables Global output variables Global event log variables PM settings variables
Privilege Manager for Unix Flow Control Statements Privilege Manager for Unix Built-in Functions and Procedures
Environment functions Hash table functions Input and output functions LDAP functions LDAP API example List functions Miscellaneous functions Password functions Remote access functions String functions User information functions Authentication Services functions
Privilege Manager for Unix programs Installation Packages

alertkeymatch

Description

Type string READONLY

alertkeymatch contains the pattern matched by pmlocald. This variable is not available for use in the policy file, it is only available in the event log. To view the event log, use the pmlog -l command.

Example
#view all alerts recorded in the audit log that match the pattern "passwd" 
pmlog –l -c 'alertkeymatch == "passwd"'

argc

Description

Type integer READONLY

argc contains the number of arguments supplied for the original command. This includes the command name itself. For example, if the original command is pmrun ls –al, then argc is set to 2.

Example
# if any arguments are passed to a vi editor program, like vi
# then verify the path is not in a list of forbidden directories 
if ((basename(command) in vi_program_list) && (argc > 1)) 
{ 
   count=0; 
   while (count < length(forbid_dir_list)) 
   { 
      if (glob(forbid_dir_list[count], dirname(argv[1]))) 
      { 
         reject "You are not allowed to edit a file in this directory"; 
       } 
      count=count+1; 
   } 
}
Related Topics

argv

argv

Description

Type list READONLY

argv is a list of the arguments supplied for the original command, including the command itself. For example, if the original command is pmrun ls –al, then argv is set to {"ls","-al"}.

Example
# if any arguments are passed to an editor program, like vi
# then verify the path is not in a list of forbidden directories 
if ((basename(command) in vi_program_list) && (argc > 1)) 
{ 
   count=0; 
   while (count < length(forbid_dir_list)) 
   { 
      if (glob(forbid_dir_list[count], dirname(argv[1]))) 
      { 
         reject "You are not allowed to edit a file in this directory"; 
      } 
      count=count+1; 
   } 
}
Related Topics

argc

bkgd

Description

Type boolean READONLY

bkgd reflects the "-b" background argument of a pmrun call. If the user requested the background mode, it is set to 1.

To change whether the call runs in the background, set the runbkgd variable.

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating