UPM Components - Programs

This section describes each of the UPM components.

pmmasterd

Master daemon, pmmasterd, is Privilege Manager's decision-maker. pmmasterd receives requests from pmrun, and evaluates them according to the policy written in the configuration file (/etc/pm.conf or other included files). If the request is accepted, pmmasterd asks pmlocald to run the request in a controlled account such as root.

pmmasterd is only present on UPM master systems and is initiated from an entry in /etc/inetd.conf.

pmlocald

pmlocald is Privilege Manager’s local daemon. pmlocald runs programs (or commands) when instructed to do so by the appropriate master daemon.

pmlocald is present on UPM Agent systems and is initiated from an entry in /etc/inetd.conf.

pmrun

pmrun is the Privilege Manager client that is installed on UPM client machines wherever a user needs to initiate a UPM session. pmrun is typed at the beginning of the command line. For example:

pmrun cat /etc/shadow

pmrun should be located in a directory defined in the users PATH.

Optional Client Programs

Privilege Manager contains some optional client programs pmvi, pmless, pmumacs and pmmg. The pmvi, pmumacs and pmmg programs are Privilege Manager's versions of the vi and emacs text editors. pmless is Privilege Manager's version of the less utility, which is similar to the more command.
All of the programs have been modified so that they can only edit the file specified on the command line. All internal commands for reading and writing of other files have been removed. All internal commands for starting subprocesses (including subshells) have also been removed. Typically you might want to use these utilities when you need to grant ordinary users the ability to safely manipulate certain files as root under Privilege Manager.

If required these utilities should be installed on UPM clients within a directory defined in a users PATH.