Previous Topic: kblaudit.cfg —Trace Messages On User Events Filter SyntaxNext Topic: crypto


The seos.ini Initialization File

Valid on UNIX

The seos.ini file contains various setup and initialization tokens used by CA ControlMinder. Each token occupies a line in the file, in the following format:

token = value

The lines containing the tokens for a particular utility, daemon, or other facility of CA ControlMinder are grouped together in sections. Each section starts with a header line that gives the section name inside square brackets. Every token belongs to a section. For example, the following line starts the section that governs the serevu utility:

[serevu]

The seos.ini file, as installed, is protected by CA ControlMinder and cannot be updated while CA ControlMinder is running. The file, as defined by default in CA ControlMinder, has READ access because many utilities access this file during their processing. If they cannot read the seos.ini file, they will fail.

Enter the following selang command to let an authorized user update the file while CA ControlMinder is running:

newres FILE /opt/CA/AccessControl/seos.ini owner(authUser)

where authUser is the name of an authorized user. This command establishes that authUser is the owner of the file, and as the owner of the file, authUser can always update it.

You can use CA ControlMinder Endpoint Management or the seini utility to read, add, modify, and delete tokens in initialization files.

Note: The seini utility can only update the seos.ini file when seosd is not running, or when a rule in the database specifically permits it.

Using the secons rl command, you can reload an seos.ini file with updated tokens without having to restart the seosd daemon.

The following table lists all the sections in the seos.ini file.

Section

Description

AccountManager

Multiple JCS endpoint module

AgentManager

CA ControlMinder plugins management

crypto

Cryptographic module library settings.

daemons

A list of CA ControlMinder daemons the seload utility runs automatically.

Dependency

A list of products that use CA ControlMinder as an embedded component, as defined by users.

devcalc

Policy deviation calculator (devcalc) settings.

kblaudit

Keyboard logging session tracking settings.

lang

CA ControlMinder management interface (selang) settings.

ldap

LDAP server settings for the LDAP sample exit.

logmgr

Logging facility settings.

message

Message file settings.

mfsd

Mainframe synchronization daemon (mfsd) settings.

OS_user

Enterprise user store usage settings.

package

A list of installed CA ControlMinder packages.

pam_seos

Pluggable Authentication Module (PAM) programming interface settings.

passwd

Password replacement and user‑related services settings.

pmd

Common Policy Model database settings.

policyfetcher

Policy fetcher daemon (policyfetcher) settings.

PUPMAgent

SAM daemon (pupmagent) settings.

seagent

seagent daemon settings.

seauxd

Auxiliary daemon (seauxd) settings for Unicenter calendar updates.

segrace

User login information utility (segrace) settings.

seini

Configuration file management utility (seini) attributes.

selock

Desktop inactivity protection utility (selock) settings.

selogrd

Log routing daemons (selogrd and selogrcd) settings.

seos

Global configuration settings.

SEOS_syscall

SEOS_syscall kernel module settings.

seosd

Authorization daemon (seosd) settings.

seosdb

Database checking and rebuilding settings.

seoswd

Watchdog daemon (seoswd) settings.

serevu

Unsuccessful login attempts resolution utility (serevu) utility settings.

sesu

CA ControlMinder switch user utility (sesu) settings.

sesudo

CA ControlMinder substitute user do utility (sesudo) utility settings.

standalone

Standalone computer administration settings.

tcp_communication

Common TCP connection settings.

tng

CA ControlMinder integration with Unicenter settings.