立即与支持人员聊天
与支持团队交流

Safeguard for Sudo 7.3 - Administration Guide

Introducing Safeguard for Sudo Planning Deployment Installation and Configuration Upgrade Safeguard for Sudo System Administration Managing Security Policy Administering Log and Keystroke Files Supported sudo plugins Troubleshooting Safeguard for Sudo Variables Safeguard for Sudo programs Installation Packages Supported Sudoers directives Unsupported Sudo Options Safeguard for Sudo Policy Evaluation

pmsum

Syntax
pmsum /<full_path_name>
Description

Use pmsum to generate a checksum of the named file. The output it produces can be used in a policy with the runcksum variable. If the requested binary/command does not match the checksum, it rejects the command.

Options

pmsum has the following options.

Table 49: Options: pmsum
Option Description

-v

Prints the version number of Safeguard for Sudo and exits.

Examples
# pmsum /bin/ls 
5591e026 /bin/ls

pmsysid

Syntax
pmsysid [-i] | -v
Description

The pmsysid command displays the Safeguard for Sudo system ID.

Options

pmsysid has the following options.

Table 50: Options: pmsysid
Option Description

-i

Shows the system host name and IP address.

-v

Displays the Safeguard for Sudo version and exits.

Installation Packages

Safeguard for Sudo is comprised of the following packages:

  • Privilege Manager for Unix product

    Contains the Privilege Manager for Unix Policy Server and PM Agent components and uses the native packaging system for each platform (RPM, PKG, and so on).

  • Safeguard for Sudo product

    Contains the Safeguard for Sudo Policy Server and Sudo Plugin components and uses the native packaging system for each platform (RPM, PKG, and so on).

  • Preflight Binary

    This is a stand-alone native binary for each platform (not zipped, tarred or packaged). This binary exists stand-alone on the ISO to make it available for use prior to installing software. It does not change any Safeguard for Sudo configuration on the host.

For more information, see Download Safeguard for Sudo software packages..

Package locations

Safeguard for Sudo is provided in native platform install packages, which include binary files, online man pages, installation files, and configuration file examples.

The install packages are located in the zip archive in two directories called:

  • /server

  • /agent

  • /sudo_plugin

where <platform> is the name of the platform on which you are running Safeguard for Sudo.

There are three different packages:

  • qpm-agent package, which contains only the client (pmrun) and agent (pmlocald) components for Safeguard for Sudo.

  • qpm-server package, which contains the server (pmmasterd), the client (pmrun) and agent (pmlocald), and the Sudo Plugin (qpm4u_plugin.so) components for Safeguard for Sudo.

  • qpm-plugin package, which contains the offline policy cache server (pmmasterd), the Sudo Plugin (qpm4u_plugin.so) components for Safeguard for Sudo.

The Solaris server and agent packages have filenames that start with QSFTpmsrv and QSFTpmagt, respectively.

Once installed, the packaged files are placed in an installation directory under /opt/quest which contains subdirectories and files.

The platform directories contain the Safeguard for Sudo installer packages for each platform supported by Safeguard for Sudo.

Table 51: Privilege Manager kit directories
Platform Architecture

aix71-rs6k

IBM® AIX 7.1, 7.2

freebsd-x86_64

FreeBSD on x86 64-bit architecture

hpux-hppa11

HP-UX 11.31 PA-RISC architecture

hpux11-ia64

HP-UX 11.31 Itanium architecture

linux-aarch64

Linux on ARM 64-bit architecture

linux-ia64

Linux on Itanium architecture

linux-intel

Linux x86

linux-ppc64

Linux on ppc little endian 64-bit architecture

linux-ppc64le

Linux on ppc little endian 64-bit architecture

linux-s390

Linux s390

linux-x86_64

Linux on x86 64-bit architecture

macos-x86_64

macOS on x86 64-bit architecture

Solaris-intel

Solaris Intel architecture

Solaris-sparc

Solaris SPARC® architecture

相关文档

The document was helpful.

选择评级

I easily found the information I needed.

选择评级