Chat now with support
Chat with Support

Safeguard for Sudo 7.2 - Administration Guide

Introducing Safeguard for Sudo Planning Deployment Installation and Configuration Upgrade Safeguard for Sudo System Administration Managing Security Policy Administering Log and Keystroke Files Supported sudo plugins Troubleshooting Safeguard Variables Safeguard programs Installation Packages Unsupported Sudo Options Safeguard for Sudo Policy Evaluation

disable_exec

Description

Type integer READ/WRITE

Use disable_exec to prevent the runcommand process from executing new UNIX processes. For example, you can prevent a vi session from executing shell commands. This variable is only supported if the underlying operating system supports the noexec feature; that is, Linux, Solaris, HP-UX, and AIX. If set to true(1), Safeguard sets the LD_PRELOAD environment variable, which causes the runcommand to be loaded with a Safeguard library that overrides the system exec functions, and thus prevents the runcommand from using exec to create a new process.

eventlog

Description

Type string READ/WRITE

eventlog contains the full pathname of the file in which audit events are logged. The default pathname is /var/opt/quest/qpm4u/pmevents.db.

Related Topics

event

Event logging

iolog

Description

Type string READ/WRITE

iolog is the full path name of the keystroke log file in which input, output, and error output is logged.

logstderr

Description

Type integer READ/WRITE

Set logstderr to true to enable keystroke logging of stderr output produced during the session. The default value is true.

Related Topics

logstdin

logstdout

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating