Chat now with support
Chat with Support

Safeguard for Sudo 7.2.1 - Administration Guide

Introducing Safeguard for Sudo Planning Deployment Installation and Configuration Upgrade Safeguard for Sudo System Administration Managing Security Policy Administering Log and Keystroke Files Supported sudo plugins Troubleshooting Safeguard Variables Safeguard programs Installation Packages Unsupported Sudo Options Safeguard for Sudo Policy Evaluation

pmsrvinfo

Syntax
pmsrvinfo [--csv] | -v
Description

Use the pmsrvinfo command to display information about the group in either human readable or CSV format. You can run this program on any server in the policy group.

Options

pmsrvinfo has the following options.

Table 46: Options: pmsrvinfo
Option Description
-c Displays information in .CSV format, instead of human readable output.

-l

By using this option, you can detect which client uses which sudo policy on the policy server. This option lists the following client information from the policy server:

  • Client's hostname

  • Sudoers file used by the client

  • Client's version

This option can be used together with the "-c" option.

-v

Displays the Safeguard version number and exits.

Examples
# pmsrvinfo
Policy Server Configuration: 
---------------------------- 
Safeguard version   : 6.0.0 (nnn) 
Listening port for pmmasterd daemon    : 12345 
Comms failover method                  : random 
Comms timeout(in seconds)              : 10 
Policy type in use                     : sudo 
Group ownership of logs                : pmlog 
Group ownership of policy repository   : pmpolicy 
Policy server type                     : primary 
Primary policy server for this group   : adminhost1 
Group name for this group              : adminGroup1 
Location of the repository             :
file:////var/opt/quest/qpm4u/.qpm4u/.repository/sudo_repos/trunk 
Hosts in the group                     : adminhost1 adminhost2
Related Topics

Policy servers are failing

Sudo command is rejected by Safeguard for Sudo

pmsum

Syntax
pmsum /<full_path_name>
Description

Use pmsum to generate a checksum of the named file. The output it produces can be used in a policy with the runcksum variable. If the requested binary/command does not match the checksum, it rejects the command.

Options

pmsum has the following options.

Table 47: Options: pmsum
Option Description

-v

Prints the version number of Safeguard and exits.

Examples
# pmsum /bin/ls 
5591e026 /bin/ls

pmsysid

Syntax
pmsysid [-i] | -v
Description

The pmsysid command displays the Safeguard system ID.

Options

pmsysid has the following options.

Table 48: Options: pmsysid
Option Description
-i Shows the system host name and IP address.

-v

Displays the Safeguard version and exits.

Installation Packages

Safeguard is comprised of the following packages:

  • Privilege Manager for Unix product

    Contains the Privilege Manager for Unix Policy Server and PM Agent components and uses the native packaging system for each platform (RPM, PKG, etc).

  • Safeguard for Sudo product

    Contains the Safeguard Policy Server and Sudo Plugin components and uses the native packaging system for each platform (RPM, PKG, etc).

  • Preflight Binary

    This is a stand-alone native binary for each platform (not zipped, tarred or packaged). This binary exists stand-alone on the ISO to make it available for use prior to installing software. It does not change any Safeguard configuration on the host.

For more information, see Download Safeguard for Sudo software packages..

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating