Chat now with support
Chat with Support

Safeguard for Sudo 2.0 - Administrators Guide

One Identity Privileged Access Suite for Unix Introducing Privilege Manager for Unix Introducing Privilege Manager for Sudo Planning Deployment Installation and Configuration
Download Privilege Manager for Unix Software Packages Download Privilege Manager for Sudo Software Packages Quick Start and Evaluation Configure a Primary Policy Server Configure a Secondary Policy Server Install PM Agent or Sudo Plugin on a Remote Host Remove Configurations
Upgrading Privilege Manager System Administration Managing Security Policy The Privilege Manager for Unix Security Policy Advanced Privilege Manager for Unix Configuration Administering Log and Keystroke Files InTrust Plug-in for Privilege Manager Troubleshooting Privilege Manager for Unix Policy File Components Privilege Manager Variables Privilege Manager for Unix Flow Control Statements Privilege Manager for Unix Built-in Functions and Procedures Privilege Manager Programs Installation Packages Unsupported Sudo Options Sudo Plugin Policy Evaluation About us

ttyname

Description

Type string READONLY

ttyname contains the name of the TTY device from which the user submitted a request.

Example
if ( ttyname == "dev/pts/1") 
{ 
   printf("Command not authorized using tty device dev/pts/1"); 
   reject; 
}

tzname

Description

Type string READONLY

Description

The time zone variable, tzname, contains the name of the time zone on the server at the time the event was read from the event log by pmlog. The time zone may be overridden using the TZ environment variable when running pmlog.

NOTE: tzname is accessible from pmlog but not in the policy script evaluation.

Example
# pmlog -p `sprintf("%s %s %s, %s, %s", date, time, tzname, event, uniqueid)’ 
2013-03-14 10:51:59 MDT, Accept, 0b1c7ff3447ac074b4795be2dcd59f6429c8624b 
2013-03-14 10:51:59 MDT, Accept, a6cfad1ba6eb64bf9a17d5295b2bb29daa7fbb33 
2013-03-14 10:51:59 MDT, Accept, fa742929679bc6c88eadd25ff85d75361f1d28b2 
2013-03-14 10:51:59 MDT, Accept, 97ffdb433819c5feab6ec26b528f60dfb18c3d34 
2013-03-15 07:02:47 MDT, Accept, d84ac9052265912eb13d32f80584d1ae097e4ce5 
2013-03-19 09:41:59 MDT, Accept, b228110f32525c2092d2a46d0327e55f2dfc1d39

NOTE: The actual values may vary by platform. In this sample output, the value of tzname is "MDT".

The following example shows the use of the TZ variable acting on the output:

TZ=Europe/Paris pmlog -p `sprintf( "%s %s %s, %s", date, time, tzname, event )’ 
2013-03-14 17:51:59 CET, Accept, 0b1c7ff3447ac074b4795be2dcd59f6429c8624b 
2013-03-14 17:51:59 CET, Accept, a6cfad1ba6eb64bf9a17d5295b2bb29daa7fbb33 
2013-03-14 17:51:59 CET, Accept, fa742929679bc6c88eadd25ff85d75361f1d28b2 
2013-03-14 17:51:59 CET, Accept, 97ffdb433819c5feab6ec26b528f60dfb18c3d34 
2013-03-15 14:02:47 CET, Accept, d84ac9052265912eb13d32f80584d1ae097e4ce5 
2013-03-19 16:41:59 CET, Accept, b228110f32525c2092d2a46d0327e55f2dfc1d39
Related Topics

date

time

uid

Description

Type integer READONLY

uid contains the user ID of the submitting user on the pmrun host.

Example
printf("Req uest received from user id: %d %d\n", uid,gid);
Related Topics

gid

group

rungroup

umask

Description

Type integer READONLY

umask contains the value of the submit user's umask value. (See the umask man page for details.)

Example
if (umask == 077) 
{ 
   printf("Do not create files with permissions 0777\n"); 
   runumask =0666; 
}
Related Topics

runumask

Related Documents