Resource Overhead

There are not any startup or shutdown programs associated with Privilege Management for Unix and Linux. From a system resource perspective, a basic Privilege Management for Unix and Linux session uses about the same overhead as a telnet session with additional front-end work for processing the policy security file. I/O logging can add the equivalent of another telnet session.

Instances of the Privilege Management for Unix and Linux daemons, pbmasterd and pblocald, are requested by pbrun and are actually started by the superdaemon when a monitored task request is submitted to pbrun. Instances of the Privilege Management for Unix and Linux log server daemon, pblogd, are actually started by the superdaemon. The superdaemon is inetd, xinetd, launchd, or SMF depending on the platform.

Within this guide, references to inetd, xinetd, launchd, and SMF are used interchangeably unless otherwise denoted.

For systems based on RedHat version 7+, xinetd is no longer installed by default, since it has been superceded by systemd, which is an init system. The installation program of Privilege Management for Unix and Linux performs a check to see if systemd exists and is functional. If it exists, it configures Privilege Management for Unix and Linux daemons to be managed by systemd. If systemd is not present, the installation program checks if xinetd is installed and running and displays a warning message if it is not.

Having the superdaemon start pblogd, pbmasterd, and pblocald when requested by pbrun is the normal way to initiate the Privilege Management for Unix and Linux daemons. It is also possible to explicitly start the daemon as a persistent daemon.

The terms monitored task and secured task are interchangeable.

SSL adds some startup overhead for certificate exchange and verification. The encryption overhead is slightly larger than self-contained encryption technologies (such as DES) because of the use of packet checksums by SSL.

Privilege Management for Unix and Linux requires 10 to 50MB of disk space, depending on the installation options selected.

For more information, please see the Privilege Management for Unix and Linux Administration Guide.