seoswd (UNIX)
In the [seoswd] section, the tokens determine the behavior of the Watchdog.
capamsc141
In the [seoswd] section, the tokens determine the behavior of the Watchdog.
agent_manager_check_enabled
Specifies whether to protect the AgentManager daemon.
Default:
noagent_manager_refresh_interval
Specifies the interval when the Watchdog checks if the Agent Manager daemon is running or not.
Default:
10 minutesBlockingInterval
Specifies the interval, in seconds, that the Watchdog waits for a response from the main daemon. When elapsed, the Watchdog sends a signal to the main daemon.
Default:
60 seconds debug_ backup_dir
Defines the location of the backup debug messages files.
Default:
PAM Server Control
product log directorydebug_ backup_num
Defines the number of debug backup files to save.
Values:
A positive numberDefault:
2debug_file
Defines the location of the file to which seoswd debug messages are written.
Default:
/log/seoswd_debug under the CM product directorydebug_ level
Defines the lowest level of debug messages to save. The level of the value set and all levels above are saved.
Values:
Disabled (no messages are saved), Critical, Very High, High, Normal, LowDefault:
Criticaldebug_size
Defines the maximum size in MBs of the debug messages file.
Values:
A positive numberDefault:
256IgnoreScanInterval
Specifies whether to scan programs and files at specific intervals.
If the token value is no, then the Watchdog performs interval scanning. If the value is yes, then it does not scan at intervals.
If you do not specify the scan times with the PgmTestTime or SecFileTestTime tokens, and this token is set to yes, then the Watchdog does not scan trusted programs or secured files respectively.
Default:
noPgmRest
Specifies the period, in seconds, after the last event and before checking programs again. The program rests to prevent system overload.
Default:
10 secondsPgmTestInterval
Specifies the time interval, in seconds, between the rescanning of trusted programs.
If the value equals or is greater than one day (86400 seconds), then IgnoreScanInterval defaults to yes.
Default:
18000 seconds (five hours)PgmTestStartTime
Specifies the start time, in hh:mm format, of the first trusted program scan.
Default:
If you do not set this token, the Watchdog performs the first scan shortly after startup.PgmTestTime
Specifies fixed scan times, in hh:mm format, for trusted programs. You can specify more than one scan time by separating them with spaces.
Default:
If you do not specify scan times, and you set the IgnoreScanInterval token to yes, then the Watchdog does not scan trusted programs.policyfetcher_refresh_interval
Specifies the interval, in seconds, to verify that the policyfetcher daemon is running.
Default:
600ProcHandlesCritical
Specifies the process critical handle count. The Watchdog restarts the process when the critical handle count is exceeded.
Valid Values:
0 (disables token), 800 (minimum value)Default Value:
1500ProcHandlesHigh
Specifies the high watermark for the process handle count. The Watchdog restarts the process during the restart hours when the defined handle count is exceeded.
Valid Values:
0 (disables token), 800 (minimum value)The token is disabled if the value is greater than ProcHandlesCritical value.
Default Value:
1000ProcRestartHours
Specifies the hours when the Watchdog restarts the high handle count process.
Valid Values:
0 - 23 (value in hours)Default Value:
0 - 5ProcVSizeCritical
Specifies the process critical memory size in megabytes. The Watchdog restarts the process immediately when the specified limit is exceeded.
Default Value:
500 MBProcVSizeHigh
Specifies the high watermark for process memory size. The Watchdog restarts during the restart hours.
Default Value:
300 (value in megabytes)ProcVSizeInterval
Specifies the interval, in seconds, between the process performance counters verification. The Watchdog checks the following processes:
SeOS Watchdog (seoswd)
SeOS Engine (seosd)
SeOS Agent (SeOSAgent)
SeOS Policy Model (sepmdd)
CA ControlMinder Agent Manager (AgentManager)
CA ControlMinder Report Agent (ReportAgent)
Default: 900 seconds
RefreshParams
Specifies the time interval, in seconds, between successive reads by the Watchdog of the seos.ini tokens.
Default:
86400 (one day)SecFileRest
Specifies the period, in seconds, after the last event and before checking secured files again. To prevent system overload, the Watchdog rests.
If you do not specify scan times, and you set the IgnoreScanInterval token to yes, then seoswd does not scan secured files.
Default:
10SecFileTestInterval
Specifies the time interval, in seconds, between the rescanning of secured files.
Default:
36000 (ten hours)SecFileTestStartTime
Specifies the start time, in hh:mm format, of the first scan of secured files.
Default:
If no value is given, the Watchdog performs the first scan a short time after the PAM Server Control
daemons start.SecFileTestTime
Specifies fixed scan times, in hh:mm format, for secured files. You can specify more than one scan time by separating them with spaces.
Default:
N/ASeosAYT
(UNIX only) Specifies the time interval, in seconds, between the Watchdog checks of the daemon seosd ("Are you there?").
Do not modify this token by yourself because an incorrect value can cause problems in the operation of
PAM Server Control
. For assistance, contact CA Support at http://ca.com/support.Default:
60SignalMinInterval
Specifies the interval, in seconds, between scans after a HUP signal triggers a one‑time scan on demand, to protect the system against overload.
Scan on demand is performed both on trusted programs and secured files.
Default:
60UnTrustMissing
Determines whether the Watchdog attempts to untrust a program or file, even though it cannot find it. For example, if the file was deleted or the relevant NFS partition is not mounted.
Values:
yes (Attempt to untrust the missing file), no (Do not attempt to untrust the missing file).Default:
yesunab_check_enabled
Specifies whether to protect the authentication daemon.
Values:
yes, noDefault:
nounab_refresh_interval
Specifies the interval, in seconds, to verify that the authentication daemon is running.
Default:
600UnTrustMissing
Specifies whether the Watchdog must attempt to untrust a program or a file, even though it is not found. For example, a file is deleted or the relevant NFS partition is not mounted.
Values:
yes (attempt to untrust the missing file), no (do not attempt to untrust the missing file) Default:
yesVerifyCtime
Specifies whether
PAM Server Control
Watchdog checks the time of the last file status change of trusted programs and secure files.Valid Values:
yes, no.Default:
noWatchdogRequestsInterfaceName
Specifies the pipe server name which communicates with the Watchdog.
Default:
WatchdogRequests