runcksumlist

List

The runcksumlist variable contains a list of checksum values. By default, runcksumlist is an empty list. Populate it by running the Privilege Management for Unix and Linux utility program pbsum, which generates application and file checksum values.

Use checksum values to determine if the target files or applications have changed by establishing baseline checksum values and then comparing those baseline checksum values against a checksum that is generated during security policy file processing. If the checksum value that was generated during security policy file processing does not match any of the values in runcksumlist, then the file or application has changed since generation of the baseline checksum, and Privilege Management for Unix and Linux refuses to run it.

Application checksum values can be used to determine if a virus has infected an application or if the file has been changed.

There is no read-only version of this variable.

This run variable does not apply to pbssh. If it is present in the policy, it does not have any effect on pbssh and is ignored.

runcksumlist = list of checksum values;

A list of strings that represents checksum values generated by pbsum. The default value is empty, which specifies no checksum checking.

runcksumlist={"b3b156bc", "59bf4a99"};

For more information, please see the following: