Chat now with support
Chat with Support

Safeguard for Sudo 2.0 - Administrators Guide

One Identity Privileged Access Suite for Unix Introducing Privilege Manager for Unix Introducing Privilege Manager for Sudo Planning Deployment Installation and Configuration
Download Privilege Manager for Unix Software Packages Download Privilege Manager for Sudo Software Packages Quick Start and Evaluation Configure a Primary Policy Server Configure a Secondary Policy Server Install PM Agent or Sudo Plugin on a Remote Host Remove Configurations
Upgrading Privilege Manager System Administration Managing Security Policy The Privilege Manager for Unix Security Policy Advanced Privilege Manager for Unix Configuration Administering Log and Keystroke Files InTrust Plug-in for Privilege Manager Troubleshooting Privilege Manager for Unix Policy File Components Privilege Manager Variables Privilege Manager for Unix Flow Control Statements Privilege Manager for Unix Built-in Functions and Procedures Privilege Manager Programs Installation Packages Unsupported Sudo Options Sudo Plugin Policy Evaluation About us

innetgroup

Syntax
int innetgroup ( string netgroup, string host )
Description

innetgroup returns true if the specified host is in the specified NIS netgroup on the policy server; otherwise returns false.

Example
if ( ! innetgroup("submithosts", submithost)) { 
   reject "You are not permitted to submit a command from this host"; 
}

innetuser

Syntax
int innetuser (string netgroup, string user)
Description

innetuser returns true if the specified user is in the specified NIS netgroup on the policy server; otherwise returns false.

Example
if ( ! innetuser("submitusers", user)) { 
   reject "You are not permitted to submit a command from this host"; 
}
Related Topics

innetgroup

lineno

Syntax
int lineno( )
Description

lineno returns the current line number in the policy file.

Example
printf("TRACE: user:%s, cmd:%s, lineno:%d\n", user, command, lineno()); 

mktemp

Syntax
string mktemp ( string template )
Description

mktemp returns a unique filename which is guaranteed not to exist on the policy server. Use the mktemp function to create unique temporary filenames.

NOTE: For more information, see the mktemp(3) man page.

Example
#generate a unique filename–the XXXXXX chars will be replaced to construct a unique name 
filename=mktemp("/tmp/pmXXXXXX"); 
print(filename); // prints "/tmp/pmAxK2de"
Related Documents