立即与支持人员聊天
与支持团队交流

Privilege Manager for Unix 7.2.1 - Administration Guide

Introducing Privilege Manager for Unix Planning Deployment Installation and Configuration Upgrade Privilege Manager for Unix System Administration Managing Security Policy The Privilege Manager for Unix Security Policy Advanced Privilege Manager for Unix Configuration Administering Log and Keystroke Files InTrust Plug-in for Privilege Manager for Unix Troubleshooting Privilege Manager for Unix Policy File Components Privilege Manager for Unix Variables
Variable names Variable scope Global input variables Global output variables Global event log variables PM settings variables
Privilege Manager for Unix Flow Control Statements Privilege Manager for Unix Built-in Functions and Procedures
Environment functions Hash table functions Input and output functions LDAP functions LDAP API example List functions Miscellaneous functions Password functions Remote access functions String functions User information functions Authentication Services functions
Privilege Manager for Unix programs Installation Packages

Failed to push references to Git URL

Error

After export pmgit sends the error message:

# pmgit export --git-url <Git_URL>
Creating backup from SVN repository ...                             [ OK ]
Creating directory for local Git repository ...                     [ OK ]
Cloning SVN ...                                                     [ OK ]
Setting Git remote ...                                              [ OK ]
Push Git repository to remote ...                               [ ERROR ]
   To <Git_URL>
! [rejected]        <Git_branch> -> <Git_branch> (fetch first)
error: failed to push some refs to '<Git_URL>'
Cause

You tried to export to a Git repository which is not empty.

Effect

You are unable to export the policies to that Git repository.

Solution

Create an empty bare repository.

Example

This is an example for creating an empty bare Git repository from command line.

git init --bare <repo_name>.git

Privilege Manager for Unix Policy File Components

This appendix provides detailed information about the components that you use to construct the pmpolicyPrivilege Manager for Unix security policy file.

Lexical and syntactic productions

One Identity uses the following language standards to define the grammar of the policy scripting language used in Privilege Manager for Unix.

Table 25: Lexical productions
Production Description
<identifier>  ::= [A-Za-z][A-Za-z0-9_]*
<number> ::= [0-9]+
<octalnumber> ::= 0[0-7]+
<hexnumber> ::= 0x[a-fA-F0-9]+
<realnumber> ::= <number> '.' <number>
<string> ::= \" <non-double-quote | backslashed-double-quote >* \"

| ' <non-single-quote | backslashed-single-quote >* '

<non-double-quote> ::= [^\"]
<backslashed-double-quote> ::= \\\"
<non-single-quote> ::= [^']
<backslashed-single-quote> ::= \\'
<comment> ::= <shell-style-comment> | <c-style-comment> | <cplusplus-style-comment>
<shell-style-comment> ::= '#' [^\n]*
<c-style-comment> ::= /\* [^\*/]* \*/

<cplusplus-style-comment>

::= // [^\n]*

Table 26: Syntactic productions
Production Description
Policy ::= { Statement | Procedure }
Procedure ::= ( 'procedure' | 'function' ) <identifier> '(' [Parameters] ')' BlockStatement
Parameters ::= Parameter {',' Parameter }
Parameter ::= <identifier> ['=' Expression]
Statements ::= Statement { Statement }
Statement

::= IfStatement | ForStatement | DoWhileStatement | WhileStatement | SwitchStatement | BreakStatement | ContinueStatement | ReturnStatement | AcceptStatement | RejectStatement | IncludeStatement | ReadOnlyStatement | ReadOnlyExceptStatement | ExpressionStatement | BlockStatement

IfStatement ::= 'if' '(' Expression ')' Statement [ 'else' Statement ]
WhileStatement ::= 'while' '(' Expression ')' Statement
DoWhileStatement ::= 'do' BlockStatement 'while' '(' Expression ')' ';'
ForStatement

::= 'for' '(' Expressions ';' Expression ';' [Expression] ')' Statement | 'for' '(' <identifier> 'in' Expression ')' Statement

SwitchStatement ::= 'switch' '(' Expression ')' '{' [Cases][Default] '}'
Cases ::= Case { Case }
Case ::= 'case' Expression ':' Statements
Default ::= 'default' Statements
BreakStatement ::= 'break' ';'
ContinueStatement ::= 'continue' ';'
ReturnStatement ::= 'return' [ Expression ] ';'
IncludeStatement ::= 'include' Expression ';'
AcceptStatement ::= 'accept' ';'
RejectStatement ::= 'reject' [ Expression ] ';'
ReadOnlyStatement ::= 'readonly' Expression ';'
ReadOnlyExceptStatement ::= 'readonlyexcept' Expression ';'
ExpressionStatement ::= Expression ';'
BlockStatement ::= '{' Statements '}'
Expressions ::= Expression {',' Expressions }
Expression ::= AssignmentExpression | ConditionalExpression
AssignmentExpression ::= PrimaryExpression { AssignmentOp Expression }
AssignmentOp ::= '=' | '+=' | '-=' | '*=' | '/='
ConditionalExpression ::= LogicalOrExpression [ '?' Expression ':' Expression ]
LogicalOrExpression ::= LogicalAndExpression { '||' LogicalAndExpression }
LogicalAndExpression ::= BitwiseOrExpression { '&&' BitwiseOrExpression }
BitwiseOrExpression ::= BitwiseAndExpression { '|' BitwiseAndExpression }
BitwiseAndExpression ::= EqualityExpression { '&' EqualityExpression }
EqualityExpression ::= RelationalExpression { EqualityOp RelationalExpression }
EqualityOp ::= '==' | '!=
RelationalExpression ::= AdditiveExpression { RelationalOp AdditiveExpression }
RelationalOp ::= '<' | '>' | '<=' | '>=' | 'in'
AdditiveExpression ::= MultiplicativeExpression { AdditiveOp MultiplicativeExpression }
AdditiveOp ::= '+' | '-'
MultiplicativeExpression ::= PrimaryExpression { MultiplicativeOp PrimaryExpression }
MultiplicativeOp ::= '*' | '/' | '%'
PrimaryExpression

::= PrefixAssignmentExpression | DesignatorExpression | LiteralExpression | '-' Expression | '!' Expression | 'typeof' Expression | 'defined' <identifier> | '(' Expression ')'

PrefixAssignmentExpression ::= PrefixOp <identifier>
PrefixOp ::= '++' | '--'
DesignatorExpression

::= <identifier> | <identifier> PostfixOp | <identifier> Arguments | <identifier> ListAccess { ListAccess }

PostfixOp ::= '++' | '--'
Arguments ::= '(' [Expressions]  ')'
ListAccess ::= '[' Expression ']'
LiteralExpression ::= <string> | <number> | <hexnumber> | <octalnumber> | <realnumber> | ListLiteral

ListLiteral

::= '{' [Expressions] '}'

Data types

The following data types are available for use in the policy scripting language.

Table 27: Data types
Type Description Example
array A multi-dimensional array that can contain any mixture of types.

Users={"fred", "jen", "sally"}; Ids={1, 9, 10}; Usermap={ Users, Ids}; print(umap[0][2] + " -> " + umap[1][2]);

boolean The values true and false. x = true;
double A number with a fractional component.

x=2.5; y=4.3; print(x+y); #prints 6.8

int

The type integer includes the set of integers (…, -2, -1, 0, 1, 2, …).

The constants true and false are defined to have the values 1 and 0, respectively.

Specify hexadecimal numbers with the prefix 0x.

count=0; x=y=1;

You can specify an octal number by preceding it with a leading zero. For example, when specifying a umask value runumask=022

ldapid Special type to support LDAP functions.  
ldapsearchresult Special type to support LDAP functions.  
list An ordered group of strings separated by commas and surrounded by curly braces.

List elements are accessed by post-fixing them with square brackets [ ] containing the index of the desired element. Indices start at 0.

mylist = {"string zero", "string one", "string two"}; print( {"a", "b", "c"}[1] ); # prints "b"

string A sequence of zero or more characters within single or double quotes.

Mystr="this is a string"; Str1="user: " + user;

undefined

A variable is assigned a type when it is assigned a value of that type.

A variable that is referenced but has not been assigned a value is set to the type undefined.

if (typeof(myvar) == "undefined") { myvar=user;}

相关文档

The document was helpful.

选择评级

I easily found the information I needed.

选择评级