Chat now with support
Chat with Support

Safeguard for Sudo 6.1 Common Documents - Administration Guide

One Identity Privileged Access Suite for Unix Introducing Privilege Manager for Sudo Planning Deployment Installation and Configuration Upgrade Privilege Manager for Sudo System Administration Managing Security Policy Administering Log and Keystroke Files Troubleshooting Privilege Manager Variables Privilege Manager programs Installation Packages Unsupported Sudo Options Privilege Manager for Sudo Policy Evaluation



Type integer READONLY

year contains the year in which the request was submitted in the format YY.

Related Topics








Global output variables

The following predefined global variables are initialized from the submit user's environment. They can be affected by the policy file.

Table 10: Global output variables
Variable Data Type Description
disable_exec integer Specifies whether to prevent the runcommand process from executing new processes.
eventlog string Pathname of the audit log.
iolog string Pathname of the keystroke log.
logstderr integer Specifies whether to keystroke log stderr messages.
logstdin integer Specifies whether to keystroke log stdin messages.
logstdout integer Specifies whether to keystroke log stdout messages.



Type integer READ/WRITE

Use disable_exec to prevent the runcommand process from executing new UNIX processes. For example, you can prevent a vi session from executing shell commands. This variable is only supported if the underlying operating system supports the noexec feature; that is, Linux, Solaris, HPUX11, and AIX5.3. If set to true(1), Privilege Manager sets the LD_PRELOAD environment variable, which causes the runcommand to be loaded with a Privilege Manager library that overrides the system exec functions, and thus prevents the runcommand from using exec to create a new process.



Type string READ/WRITE

eventlog contains the full pathname of the file in which audit events are logged. The default pathname is /var/opt/quest/qpm4u/pmevents.db.

Related Topics


Event logging

Related Documents