|
|
|
Valid on UNIX
The seos.ini file contains various setup and initialization tokens used by CA Access Control. Each token occupies a line in the file, in the following format:
token = value
The lines containing the tokens for a particular utility, daemon, or other facility of CA Access Control are grouped together in sections. Each section starts with a header line that gives the section name inside square brackets. Every token belongs to a section. For example, the following line starts the section that governs the serevu utility:
[serevu]
The seos.ini file, as installed, is protected by CA Access Control and cannot be updated while CA Access Control is running. The file, as defined by default in CA Access Control, has READ access because many utilities access this file during their processing. If they cannot read the seos.ini file, they will fail.
Enter the following selang command to let an authorized user update the file while CA Access Control is running:
newres FILE /opt/CA/AccessControl /seos.ini owner(authUser)
where authUser is the name of an authorized user. This command establishes that authUser is the owner of the file, and as the owner of the file, authUser can always update it.
You can use CA Access Control Endpoint Management or the seini utility to read, add, modify, and delete tokens in initialization files.
Note: The seini utility can only update the seos.ini file when seosd is not running, or when a rule in the database specifically permits it.
Using the secons ‑rl command, you can reload an seos.ini file with updated tokens without having to restart the seosd daemon.
The following table lists all the sections in the seos.ini file.
|
Section |
Description |
|---|---|
|
AccountManager |
Multiple JCS endpoint module |
|
AgentManager |
CA Access Control plugins management |
|
crypto |
Cryptographic module library settings. |
|
daemons |
A list of CA Access Control daemons the seload utility runs automatically. |
|
Dependency |
A list of products that use CA Access Control as an embedded component, as defined by users. |
|
devcalc |
Policy deviation calculator (devcalc) settings. |
|
kblaudit |
Keyboard logging session tracking settings. |
|
lang |
CA Access Control management interface (selang) settings. |
|
ldap |
LDAP server settings for the LDAP sample exit. |
|
logmgr |
Logging facility settings. |
|
message |
Message file settings. |
|
mfsd |
Mainframe synchronization daemon (mfsd) settings. |
|
OS_user |
Enterprise user store usage settings. |
|
package |
A list of installed CA Access Control packages. |
|
pam_seos |
Pluggable Authentication Module (PAM) programming interface settings. |
|
passwd |
Password replacement and user‑related services settings. |
|
pmd |
Common Policy Model database settings. |
|
policyfetcher |
Policy fetcher daemon (policyfetcher) settings. |
|
PUPMAgent |
PUPM daemon (pupmagent) settings. |
|
seagent |
seagent daemon settings. |
|
seauxd |
Auxiliary daemon (seauxd) settings for Unicenter calendar updates. |
|
segrace |
User login information utility (segrace) settings. |
|
seini |
Configuration file management utility (seini) attributes. |
|
selock |
Desktop inactivity protection utility (selock) settings. |
|
selogrd |
Log routing daemons (selogrd and selogrcd) settings. |
|
seos |
Global configuration settings. |
|
SEOS_syscall |
SEOS_syscall kernel module settings. |
|
seosd |
Authorization daemon (seosd) settings. |
|
seosdb |
Database checking and rebuilding settings. |
|
seoswd |
Watchdog daemon (seoswd) settings. |
|
serevu |
Unsuccessful login attempts resolution utility (serevu) utility settings. |
|
sesu |
CA Access Control switch user utility (sesu) settings. |
|
sesudo |
CA Access Control substitute user do utility (sesudo) utility settings. |
|
standalone |
Standalone computer administration settings. |
|
tcp_communication |
Common TCP connection settings. |
|
tng |
CA Access Control integration with Unicenter settings. |
| Copyright © 2012 CA. All rights reserved. | Tell Technical Publications how we can improve this information |