Valid on UNIX
The seos.ini file contains various setup and initialization tokens used by CA ControlMinder. Each token occupies a line in the file, in the following format:
token = value
The lines containing the tokens for a particular utility, daemon, or other facility of CA ControlMinder are grouped together in sections. Each section starts with a header line that gives the section name inside square brackets. Every token belongs to a section. For example, the following line starts the section that governs the serevu utility:
[serevu]
The seos.ini file, as installed, is protected by CA ControlMinder and cannot be updated while CA ControlMinder is running. The file, as defined by default in CA ControlMinder, has READ access because many utilities access this file during their processing. If they cannot read the seos.ini file, they will fail.
Enter the following selang command to let an authorized user update the file while CA ControlMinder is running:
newres FILE /opt/CA/AccessControl/seos.ini owner(authUser)
where authUser is the name of an authorized user. This command establishes that authUser is the owner of the file, and as the owner of the file, authUser can always update it.
You can use CA ControlMinder Endpoint Management or the seini utility to read, add, modify, and delete tokens in initialization files.
Note: The seini utility can only update the seos.ini file when seosd is not running, or when a rule in the database specifically permits it.
Using the secons ‑rl command, you can reload an seos.ini file with updated tokens without having to restart the seosd daemon.
The following table lists all the sections in the seos.ini file.
Section |
Description |
---|---|
AccountManager |
Multiple JCS endpoint module |
AgentManager |
CA ControlMinder plugins management |
crypto |
Cryptographic module library settings. |
daemons |
A list of CA ControlMinder daemons the seload utility runs automatically. |
Dependency |
A list of products that use CA ControlMinder as an embedded component, as defined by users. |
devcalc |
Policy deviation calculator (devcalc) settings. |
kblaudit |
Keyboard logging session tracking settings. |
lang |
CA ControlMinder management interface (selang) settings. |
ldap |
LDAP server settings for the LDAP sample exit. |
logmgr |
Logging facility settings. |
message |
Message file settings. |
mfsd |
Mainframe synchronization daemon (mfsd) settings. |
OS_user |
Enterprise user store usage settings. |
package |
A list of installed CA ControlMinder packages. |
pam_seos |
Pluggable Authentication Module (PAM) programming interface settings. |
passwd |
Password replacement and user‑related services settings. |
pmd |
Common Policy Model database settings. |
policyfetcher |
Policy fetcher daemon (policyfetcher) settings. |
PUPMAgent |
SAM daemon (pupmagent) settings. |
seagent |
seagent daemon settings. |
seauxd |
Auxiliary daemon (seauxd) settings for Unicenter calendar updates. |
segrace |
User login information utility (segrace) settings. |
seini |
Configuration file management utility (seini) attributes. |
selock |
Desktop inactivity protection utility (selock) settings. |
selogrd |
Log routing daemons (selogrd and selogrcd) settings. |
seos |
Global configuration settings. |
SEOS_syscall |
SEOS_syscall kernel module settings. |
seosd |
Authorization daemon (seosd) settings. |
seosdb |
Database checking and rebuilding settings. |
seoswd |
Watchdog daemon (seoswd) settings. |
serevu |
Unsuccessful login attempts resolution utility (serevu) utility settings. |
sesu |
CA ControlMinder switch user utility (sesu) settings. |
sesudo |
CA ControlMinder substitute user do utility (sesudo) utility settings. |
standalone |
Standalone computer administration settings. |
tcp_communication |
Common TCP connection settings. |
tng |
CA ControlMinder integration with Unicenter settings. |
Copyright © 2013 CA Technologies.
All rights reserved.
|
|