Kernel Tables

Reference Guide › Utilities › secons Utility › secons -kt Function—Display Kernel Tables on UNIX › Kernel Tables

Kernel Tables

Kernel tables list frequently-accessed information to help improve CA ControlMinder performance. Kernel tables improve performance because CA ControlMinder does not need to check the database to permit, deny, or resolve events that are listed in the kernel tables.

CA ControlMinder includes the following types of kernel tables:

Cache tables—List the results of previous resource access requests, resolved inode numbers, and accepted incoming TCP requests.
Protected resource tables—List resources for which, when access is requested, CA ControlMinder always sends an authorization request to the CA ControlMinder engine.
Bypass tables—List resources for which, when access is requested, CA ControlMinder permits access without sending an authorization request to the CA ControlMinder engine.
Process table—Lists information about all the processes running in the system.

The following table provides information about each kernel table:

Table Name	Type	Lists	Column Names	Configuration Setting
SpecPgm	Protected resource	All objects in the SPECIALPGM class	flags; user; oid; i-node; device; program	SPECIALPGM class records
TrustPg	Protected resource	All objects in the PROGRAM class	flags; i-node; device; program	PROGRAM class records
LoginPg	Protected resource	All objects in the LOGINAPPL class	flags; i-node; device; program name	LOGINAPPL class records
DBfiles	Protected resource	All objects in the FILE class	file ID; i-node; device; program	FILE class records Note: The maximum number of records in this table is defined by max_regular_file_rules in the SEOS_syscall section of the seos.ini file
FRegExp	Protected resource	Generic file access rules that are defined in the FILE class	fid; expression	Defined by a generic rule in a FILE class record Note: The maximum number of records in this table is defined by max_general_file_rules in the SEOS_syscall section of the seos.ini file
DCMfile	Bypass	Do-not-call-me files that you define using GAC	fid; user; type; access	GAC.init file
ACpids	Bypass	Process IDs for the CA ControlMinder daemons	pid; service; contractID	-
InoCach	Cache	Cached inodes	i-node; device; priority; entry	cache_enabled in the SEOS_syscall section of the seos.ini file
F cache	Cache	Cached file access authorization results	file ID; access; acee; answer; phash; prio	-
NetwDCM	Cache	Cached accepted incoming TCP connections	peer; port; local port; flag; prio	UseNetworkCache in the seosd section of the seos.ini file
MntDirs	Protected resource	Directories that CA ControlMinder protects from mounting	dir ID; i-node; device; mount point	-
F inode	Protected resource	Inode and device number of objects in the FILE class	file ID; i-node; device; links	-
STOPbyp	Bypass	Objects in the PROGRAM class for which CA ControlMinder does not provide STOP protection	i-node; device; program	If STOP is enabled, objects in this table have a SPECIALPGM record with the property pgmtype(STOP)
STOPexp	Bypass	Regular expressions that define objects in the PROGRAM class for which CA ControlMinder does not provide STOP protection	priority; n-chars; expression	If STOP is enabled, objects in this table are defined by a generic rule in a SPECIALPGM record with the property pgmtype(STOP)
Family	Bypass	CA ControlMinder daemons	service; pid; contractID	-
DbgProt	Protected resource	CA ControlMinder binaries that CA ControlMinder protects from debugging	pid; access; name in proc	-
TCPport	Bypass	Ports for which seos_syscall will not pass events to seosd	TCP port	bypass_TCPIP in the seosd section of the seos.ini file
TCPoutp	Bypass	Ports for which seos_syscall will not pass outgoing connection events to seosd	TCP port	bypass_outgoing_TCPIP in the seosd section of the seos.ini file
ProcServ	Process	Lists information about all the processes running in the system	#n; pid; ppid; acee; flags; uid; euid; zone; arg0; ACuser Note: There are many more internal columns in this table that are not displayed by the secons utility	-