
Safeguard for Sudo 2.0 - Administrators Guide


Global Output Variables


The following predefined global variables are initialized from the submit user's environment. They can be changed in the policy file and are used by pmlocald to set up the runtime environment for the runcommand.

Table 32: Global output variables
Variable Data Type Description
alertkeyaction string Action to be taken when alertkeysequence is matched.
alertkeysequence list List of patterns to match in a session.
disable_exec integer Specifies whether to prevent the runcommand process from executing new processes.
eventlog string Pathname of the audit log.
eventloghost string Host name list for remote event logging.
execfailedmsg string Message to display if runcommand cannot be executed.
iolog string Pathname of the keystroke log.
iolog_encrypt integer Specifies whether to encrypt the keystroke log.
iolog_errmax integer Max bytes to log for a stderr message.
iolog_opmax integer Max chars to log for a stdout message.
iologhost string Host name list for remote keystroke logging.
log_passwords integer Specifies whether to exclude passwords from the keystroke log.
logomit list Variables to omit from the audit and keystroke logs.
logstderr integer Specifies whether to keystroke log stderr messages.
logstdin integer Specifies whether to keystroke log stdin messages.
logstdout integer Specifies whether to keystroke log stdout messages.
notfoundmsg string Message to display if the runcommand is not found on the run host.
passprompts list Detects presence of password prompts.
pmshell_allow list Commands to allow in a Privilege Manager shell without further authorization.
pmshell_allowpipe list Commands to allow in a Privilege Manager shell without further authorization if input is from a pipe.
pmshell_checkbuiltins integer Specifies whether to authorize shell built-in commands in a Privilege Manager shell.
pmshell_forbid list Commands to forbid in a Privilege Manager shell without further authorization.
pmshell_readonly list Variables to mark as read-only in a Privilege Manager shell.
pmshell_reject string Reject message to display when a forbidden command is executed in a Privilege Manager shell.
pmshell_restricted integer Specifies whether to run a Privilege Manager shell in restricted mode.
preserve_clienthost integer Specifies whether to use the originating login host name in preference to the submit host.
profile_keepenv list A list of values specified by the keepenv() call.
profile_setenv list A list of values specified by the setenv() call.
profile_unsetenv list A list of values specified by the unsetenv() call.
profile_use_runuser string Specifies whether to use the runuser's environment rather than the submit user's environment.
rejectmsg string Message to display when a session is rejected.
runargv list List of arguments for the request.
runchroot string Requests the command to run with a specified root directory.
runcksum string Identifies a checksum to use to verify against the runcommand.
runclienthost string A modifiable copy of the clienthost input variable.
runcommand string Full pathname of the request.
runconfirmuser string Specifies whether the agent should request the runuser to authenticate before executing the runcommand.
runcwd string Working directory to set for the request.
runenv list List of environment variables to set for the request.
rungroup string Primary group to set for the request.
rungroups list List of secondary groups to set for the request.
runhost string Host on which to run the request.
runnice integer Nice value to apply for the request.
runpaths list A list of permitted paths for commands.
runptyflags string Pty flags to apply for the request.
runtimeout integer Specifies the number of seconds of idle time before ending the session.
runumask integer Umask value to apply for the request.
runuser string User to run the request.
runutmpuser string Utmp user to use when logging to utmp.
subprocuser string User name to run subprocesses of the policy server master daemon.
tmplogdir integer Directory used for temporary storage of I/O log files if a remote log host is specified in iologhost.
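The table lists the variables one at a time; in practice a policy sets several of them together to shape the runtime environment that pmlocald builds for the runcommand. The following policy fragment is an added example written for this page, not code taken from the One Identity documentation or product. The host names, the log paths, the list variable admin_editors and the specific numeric values are assumptions chosen for illustration; only the variable names and the basename() and in operator usage come from this page.

```pmpolicy
# Added example policy fragment (not from the One Identity documentation).
# Assumed names: admin_editors, the log host names and the log paths are
# placeholders for this example; the output variables are those in Table 32.

admin_editors = {"vi", "vim", "view"};

# Audit (event) log and keystroke log. The keystroke log is shipped to
# dedicated log hosts and encrypted; tmplogdir holds it locally until
# the remote host accepts it.
eventlog      = "/var/log/pm/pmevents.db";            # assumed path
iologhost     = {"loghost1.example.com", "loghost2.example.com"};
iolog         = "/var/log/pm/iolog/" + user + "." + runhost + ".log";
iolog_encrypt = true;
tmplogdir     = "/var/tmp/pmiolog";

# Record everything the user types and sees, but keep passwords out of
# the keystroke log.
logstdin      = true;
logstdout     = true;
logstderr     = true;
log_passwords = false;

# Raise an event-log alert and reject the session if one of these
# patterns shows up on standard input.
alertkeysequence = {"passwd", "shutdown", "rm -rf"};
alertkeyaction   = "reject";

# Runtime environment for the command itself.
runumask   = 027;          # no world access to files the command creates
runtimeout = 600;          # end the session after 10 minutes of idle time
runnice    = 5;

# Editors must not be able to spawn new processes (for example a shell
# from inside vi); see disable_exec below.
if (basename(runcommand) in admin_editors) {
   disable_exec = true;
}

rejectmsg = "Request rejected by policy; contact the security team.";
```

The logging variables are the ones a reviewer should check first: with logstdin, logstdout and logstderr all enabled and iolog_encrypt set, the keystroke log is complete and protected at rest, while log_passwords set to false keeps credentials typed at a prompt out of it.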

alertkeyaction

Description

Type string READ/WRITE

alertkeyaction contains the action to be taken if a command matches a pattern configured in alertkeysequence. The alertkeyaction can be defined as "reject", "log" or any custom string. The default value is "log".

Example
switch (user) {
   # root sessions: matches are ignored; all others are logged
   case "root" : alertkeyaction = "ignore"; break;
   default : alertkeyaction = "log"; break;
}

alertkeysequence

Description

Type list READ/WRITE

alertkeysequence contains a list of regular expressions against which pmlocald checks the standard input commands entered by the user during a session. If a match is found, an alert is raised in the event log.

Example
switch (user) {
   # root: only watch for "passwd" and log matches
   case "root": alertkeysequence={"passwd"};
      alertkeyaction="log";
      break;
   # everyone else: watch for both patterns and reject on a match
   default : alertkeysequence={"passwd", "shutdown"};
      alertkeyaction="reject";
      break;
}

disable_exec

Description

Type integer READ/WRITE

Use disable_exec to prevent the runcommand process from executing new UNIX® processes. For example, you can prevent a vi session from executing shell commands. This variable is only supported if the underlying operating system supports the noexec feature; that is, Linux®, Solaris®, HPUX11, and AIX5.3. If set to true (1), Privilege Manager sets the LD_PRELOAD environment variable, which causes the runcommand to be loaded with a Privilege Manager library that overrides the system exec functions, and thus prevents the runcommand from using exec to create a new process.

Example
# editor_program_list is a list of editor names defined elsewhere in the policy
if (basename(runcommand) in editor_program_list)
{
   disable_exec=true;
}