Updated platform support:
The following is a list of issues addressed in this release.
Resolved Issue | Issue ID |
---|---|
Reported event times offset Reported event times may be offset if the MCU console server and policy servers are not set to use the same time zones. |
0004606 |
Time restriction interpretation In the profile-based policy, the time restriction specified in the pf_restrictionhours profile variable is interpreted against the local time configured on the policy server that is evaluating the request, rather than the local time on the client host. |
0004639 |
Incompatible linux-ppc64 packages The linux-ppc64 packages now work on modern ppc64 systems. |
784390 |
Retired policy server may re-appear in servers list on client In a policy group with two or more policy servers, if one of the secondary policy servers in not configured, the plugin host may still have a reference to the unconfigured server. The output of the pmpluginloadcheck command may include the unconfigured server. |
784399 |
pmsrvconfig now displays a descriptive error message if there is a syntax error in the policy. |
784401 |
Resource limit support for Linux systems Commands run using pmrun now have their resource limits updated based on the limits.conf file on Linux systems when the pam_limits PAM module is configured. |
790157 |
If the user configuring the product has the number of files resource limit set to unlimited, the pmsrvconfig, pmjoin, and pmplugininfo commands will fail or take up to five minutes to complete. | 798228 |
Fix for locale error when running the pmpolicy command If the LC_CTYPE, LC_ALL, or LANG environment variable was set to an unsupported value, the pmpolicy command would fail. |
798918 |
SELinux support for Privilege Manager for Unix Privilege Manager for Unix will now set the SELinux security context to the run user when executing commands when SELinux support is configured using pmjoin. |
799821 |
The following is a list of issues, including those attributed to third-party products, known to exist at the time of release.
Known Issue | Issue ID |
---|---|
AlertRaised events not logged to the eventlog AlertRaised events are not logged to the eventlog. However, pmlocald will still terminate the current session if an alert is raised and alertkeyaction is set to reject. |
0004005 |
Handshake failed message Improperly configured clients may display a Connection timed out or Handshake failed message. This may be caused by an incorrect pmlocaldOpts setting in the pm.settings file. Workaround: This can be resolved by removing the pmlocaldOpts setting and restarting the pmserviced daemon. |
0004336 |
Before installing Privilege Manager 6.1, ensure that your system meets the following minimum hardware and software requirements.
Component | Requirements | ||||
---|---|---|---|---|---|
Operating systems |
See Supported platforms to review a list of platforms that support Privilege Manager clients. | ||||
Disk space |
80 MB of disk space for program binaries and manuals for each architecture.
| ||||
SSH software |
You must install and configure SSH client and server software on all policy server hosts. You must enable access to SSH as the root user on the policy server hosts during configuration of the policy servers. Both OpenSSH 4.3 (and later) and Tectia SSH 6.4 (and later) are supported. | ||||
Processor | Policy Servers: 4 cores | ||||
RAM | Policy Servers: 4GB |
Privilege Manager for Unix supports a direct upgrade installation from version 6.0. The Privilege Manager software in this release is provided using platform-specific installation packages. For more information on upgrading, see the One Identity Privilege Manager for Unix Administration Guide.
One Identity recommends that:
|
NOTE: The upgrade process will create symbolic links to ensure that your existing paths function correctly. |
|
NOTE: Use of the Privilege Manager clients (pmrun and pmshells) with a policy server in Sudo policy mode is not supported. |
© 2021 One Identity LLC. ALL RIGHTS RESERVED. Feedback Terms of Use Privacy