CA (Privileged Identity Manager) Tuesday Tip by <Vinay Reddy>, <Support Engineer> for <3/24/2014>
Sometimes we get a scenario where we need run the Privileged Identity Manager (Control Minder) in parallel with the SELinux. If both are running on the server at a given time, the ControlMinder sewhoami utility detects every user who logs in to the server as root.
To mitigate this, Control Minder is packed with an executable which allows both SELinux and Privileged Identity Manager to run in conjunction.
To achieve this, perform the below steps
- On the server, navigate to <Access_Control_InstallDirectory>/lbin
- ./sshd_policy.sh
[SAMPLE OUTPUT]
[root@Server lbin]# ./sshd_policy.sh
/usr/bin/checkmodule: loading policy configuration from /tmp/AC_TMP.31027/CAeAC.te
/usr/bin/checkmodule: policy configuration loaded
/usr/bin/checkmodule: writing binary representation (version 6) to /tmp/AC_TMP.31027/CAeAC.mod
Thank You for Reading and Have Good Day!!