Chat now with support
Chat with Support

Safeguard for Sudo 2.0 - Administrators Guide

One Identity Privileged Access Suite for Unix Introducing Privilege Manager for Unix Introducing Privilege Manager for Sudo Planning Deployment Installation and Configuration
Download Privilege Manager for Unix Software Packages Download Privilege Manager for Sudo Software Packages Quick Start and Evaluation Configure a Primary Policy Server Configure a Secondary Policy Server Install PM Agent or Sudo Plugin on a Remote Host Remove Configurations
Upgrading Privilege Manager System Administration Managing Security Policy The Privilege Manager for Unix Security Policy Advanced Privilege Manager for Unix Configuration Administering Log and Keystroke Files InTrust Plug-in for Privilege Manager Troubleshooting Privilege Manager for Unix Policy File Components Privilege Manager Variables Privilege Manager for Unix Flow Control Statements Privilege Manager for Unix Built-in Functions and Procedures Privilege Manager Programs Installation Packages Unsupported Sudo Options Sudo Plugin Policy Evaluation About us

FEATURE_VAS

Description

Type integer READONLY

Read-only constant used with the feature_enabled() function to determine whether Authentication Services features are available on a particular policy server.

Example
if (!feature_enabled(FEATURE_VAS) 
print("Authentication Services support is not available on this policy server");
Related Topics

FEATURE_LDAP

gid

Description

Type integer READONLY

gid contains the Group ID of the submitting user's primary group on the pmrun host.

Example
adminusers = {"dan","robyn","cory"}; 
printf ("Request received from user id:%d %d\n", uid, gid);
Related Topics

uid

group

rungroup

group

Description

Type string READONLY

group contains the name of user's primary group.

Example
if (group == "admin") 
   adminusers = append(adminusers,user);
Related Topics

groups

rungroup

rungroups

groups

Description

Type string READONLY

groups contains the list all groups in which the user is a member.

Example
# If a user belongs to a particular group, reject the command 
if ( "restrictedUsers" in groups ) 
{ 
   reject; 
}
Related Topics

group

rungroup

rungroups

Related Documents