Settings and Configuration Policy File Names

It is possible for one machine to have multiple installations of Privilege Management for Unix and Linux. This can be done to balance resources or partition usage.

For example, if the prefix is g and the suffix is 7, the pblogd executable is installed as gpblogd7. The same prefixes and/or suffixes also apply to all of the files that are used by default for Privilege Management for Unix and Linux. Continuing the example, the settings file changes from pb.settings to gpb.settings7. The same prefix and/or suffix is also prepended and/or appended to pb.key, pb.conf, and all the binary files in this installation set.

This feature can be used to allow for multiple configurations with different functionality, such as Kerberized and non-Kerberized installations on the same machine. For example, a suffix of k could be used for the Kerberized files.

Throughout this guide there are references to /etc/pb.settings and /opt/pbul/policies/pb.conf. This usage assumes that the default settings and configuration files are used.

Privilege Management for Unix and Linux programs recognize prefixes and/or suffixes on their names and use settings and configuration files with the same prefixes and/or suffixes. This feature allows multiple differing configurations on the same machine. This feature is consistent with the rest of the product where any number of settings files may be used. Examples of the settings and configuration file names are listed in the following table:

Program Name Settings Filename Default Policy Configuration File
pbrun /etc/pb.settings /opt/pbul/policies/pb.conf
pbrun_alt /etc/pb.settings_alt /opt/pbul_alt/policies/pb.conf_alt
my.pnrun /etc/my.pnpb.settings /opt/my.pnpbul/opt/my.pbpb.conf
kpbmasterd /etc/kpb.settings /opt/kpbul/opt/kpb.conf
kpblocald.2 /etc/kpb.settings.2 /opt/kpbul.2/opt/kpb.conf.2

If the prefix or suffix cannot be determined, then /etc/pb.settings and /opt/pbul/policies/pb.conf are used.