Role Based Policy - Miscellaneous Calls

GET https://pbuild:24351/pbrest/REST/v2.0/policy/rbp/list?appid=<appid>&timestamp=<timestamp>
&hmac=<hmac>
RESPONSE {  "rbp": [{ "version": 1, "who": "ctaylor", "why": "New data", 
"created": 1529322345} ] }
GET https://pbuild:24351/pbrest/REST/v2.0/policy/rbp/entitlement?appid=<appid>
&timestamp=<timestamp>&hmac=<hmac>

Optional Arguments

  • submituser=<wildcard>
  • runuser=<wildcard>
  • submithost=<wildcard>
  • runhost=<wildcard>
  • command=<wildcard>
RESPONSE {
"results": [
{
"id": 1,
"name": "Admin",
"tag": null,
"description": "Super users and admins",
"rorder": 1,
"action": "allowed",
"iolog": true,
"auth": false,
"script": false,
"message": false,
"submitusers": {
"Admins": {
"description": "Admin users",
"list": [
"root",
"admin"
]
}
},
"submithosts": {
"All Hosts": {
"description": "All Hosts",
"list": [
"*"
]
}
},
"runusers": {
"Admins": {
"description": "Admin users",
"list": [
"root",
"admin"
]
},
"Users": {
"description": "Normal Users",
"list": [
"user*"
]
}
},
"runhosts": {
"All Hosts": {
"description": "All Hosts",
"list": [
"*"
]
}
},
"commands": {
"User Commands": {
"description": "Common UNIX Commands",
"list": [
{  "cmd": "/bin/ls","runcommand": ""  },
{  "cmd": "/bin/ls *","runcommand": "" },
{  "cmd": "/usr/bin/ls","runcommand": "" },
{  "cmd": "/usr/bin/ls *","runcommand": ""},
{  "cmd": "/bin/cat *","runcommand": ""},
{  "cmd": "/usr/bin/cat *","runcommand": "" }
]
}
},
"time/dates": {
"Any Time": {
"description": "Any Time",
"list": [
{
"dotw": {
"mon": [
15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15 ]
],
"tue": [
15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15 ]
],
"wed": [
15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15 ]
],
"sun": [
15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15 ]
],
"thu": [
15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15 ]
],
"fri": [
15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15 ]
],
"sat": [
15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15 ]
]
}
}
]
}
}
}
]
}
GET https://pbuild:24351/pbrest/REST/v2.0/policy/rbp/entrpt?appid=<appid>
&timestamp=<timestamp>&hmac=<hmac>

Optional Arguments

  • submituser=<wildcard>
  • runuser=<wildcard>
  • submithost=<wildcard>
  • runhost=<wildcard>
  • command=<wildcard>
  • wrap=number of columns
RESPONSE {
  "entitlement": "======================================================================\nPrivilege Management for Unix and Linux Role Based Policy Entitlement Report - Level 1\n----------------------------------------------------------------------------\nDate/Time: 2018-06-18 09:14:48\nUser: *\nBelongs to the following Roles: \n    Admin,users\n======================================================================\nRole Order:     1\nName:           Admin\nDescription:    Super users and admins\nAction:         allowed\nTag:            \nMembership:     Admins\n\nSubmit Host(s): Any PBUL Host\nRun Host(s):    Any PBUL Host\n\nCommands may be executed as user(s): root,admin,user*\n\nPlease use the '-u' flag to select user at run time.\neg: pbrun -u runuser command [arguments]\n\nUser may request the following commands using pbrun:\n/bin/find *,/usr/bin/ls,/bin/ls,/bin/cat *,/bin/ls *,/usr/bin/ls *,/usr/bin/rm *,\n/usr/bin/cat *,/usr/bin/find *,/sbin/shutdown *,/bin/more *,/bin/id,/usr/bin/more *,\n/usr/bin/mount *,/bin/ln *,/bin/mount *,/bin/rm *,/usr/sbin/shutdown *,\n/usr/bin/ln *,/usr/bin/id,/sbin/ifconfig *,/usr/sbin/ifconfig *\n\n\n======================================================================\nRole Order:     4\nName:           users\nDescription:    Normal users\nAction:         allowed\nTag:            \nMembership:     Users\n\nSubmit Host(s): build.company.com,staging.company.com,nfs.company.com\nRun Host(s):    build.company.com,staging.company.com,nfs.company.com\n\nCommands will execute as user: user*\n\nUser may request the following commands using pbrun:\n/usr/bin/ls,/bin/find *,/bin/ls,/bin/cat *,/bin/ls *,/usr/bin/rm *,/usr/bin/ls *,\n/usr/bin/cat *,/usr/bin/find *,/bin/id,/bin/more *,/usr/bin/more *,/bin/ln *,\n/bin/rm *,/usr/bin/ln *,/usr/bin/id\n\n\n"
}