立即与支持人员聊天
与支持团队交流

Privilege Manager for Unix 7.3 - Administration Guide

Introducing Privilege Manager for Unix Planning Deployment Installation and Configuration Upgrade Privilege Manager for Unix System Administration Managing Security Policy The Privilege Manager for Unix Security Policy Advanced Privilege Manager for Unix Configuration Administering Log and Keystroke Files InTrust Plug-in for Privilege Manager for Unix Troubleshooting Privilege Manager for Unix Policy File Components Privilege Manager for Unix Variables
Variable names Variable scope Global input variables Global output variables Global event log variables PM settings variables
Privilege Manager for Unix Flow Control Statements Privilege Manager for Unix Built-in Functions and Procedures
Environment functions Hash table functions Input and output functions LDAP functions LDAP API example List functions Miscellaneous functions Password functions Remote access functions String functions User information functions Authentication Services functions
Privilege Manager for Unix programs Installation Packages

gid

Description

Type integer READONLY

gid contains the Group ID of the submitting user's primary group on the client host.

Example
adminusers = {"dan","robyn","cory"}; 
printf ("Request received from user id:%d %d\n", uid, gid);
Related Topics

uid

group

rungroup

group

Description

Type string READONLY

group contains the name of user's primary group.

Example
if (group == "admin") 
   adminusers = append(adminusers,user);
Related Topics

groups

rungroup

rungroups

groups

Description

Type string READONLY

groups contains the list all groups in which the user is a member.

Example
# If a user belongs to a particular group, reject the command 
if ( "restrictedUsers" in groups ) 
{ 
   reject; 
}
Related Topics

group

rungroup

rungroups

host

Description

Type string READONLY

host identifies the host name where the user has requested to run the command. The value is set to the host name selected by the pmrun -h <hostname> option, and defaults to nodename. You may expand it to a fully qualified name, if shortnames are not used.

Example
# If the requested host is not in the allowed_hosts list, reject the command 
allowed_hosts = {“hosta.test.com”, “hostb.test.com”, “hostc.test.com”}; 
if ( host !in allowed_hosts ) 
{ 
   reject “Commands on host “ + host + “ are not allowed. \n”; 
}
Related Topics

runhost

相关文档

The document was helpful.

选择评级

I easily found the information I needed.

选择评级