hosts Command Connect to a Remote Terminal
Valid in all environments
capamsc141
Valid in all environments
The hosts command specifies the hosts or Policy Models to which the selang commands are sent. It lets you connect to a remote
PAM Server Control
computer with a different name, so you can remotely manage the computer while local PAM Server Control
services are running. By default, all selang commands are directed to the database on the local host.The hosts command must be executed before executing the commands that are to be directed to the hosts.
To administer (update) a remote host database from the local host, you must meet
one
of the following criteria:- Be explicitly authorized to update the remote host database from the local database
- Be a member of a group that is allowed to update the remote host database from the local database
- Be the owner of the local host as defined in the remote host
To list all the hosts and PMDBs that are currently available, specify the hosts command without any parameters.
PAM Server Control
protects hosts through their canonical host names and not through aliases. To avoid the confusion caused by alias names, PAM Server Control
issues a warning when a HOST rule is defined for an alias name. Similarly, PAM Server Control
gives a warning if a HOST is defined with less than a fully qualified name, because PAM Server Control
uses fully qualified names (for example, mymachine.yourcompany.com) for hosts.This command has the following format:
hosts [{systemIds|policyModel@[hostname]}] [uid(username) password(pw)]
- systemIdsSpecifies the system IDs of the hosts on which the selang commands are to be executed. When specifying more than one host, enclose the list of systems IDs in parentheses and separate the system IDs with a space or a comma.
- policyModel@[hostname]Specifies the addresses of the Policy Models on which the selang commands are to be executed. When specifying more than one Policy Model, enclose the list of Policy Model addresses in parentheses and separate the Policy Model addresses with a space or a comma.Default:If you do not specifyhostname,PAM Server Controltries to connect to the PMDB on the local host.The advantage of using a Policy Model over explicitly specifying the hosts is that the system where the Policy Model resides keeps on trying to update all the systems defined to the Policy Model, even if they are currently unavailable. For more information about Policy Models, see theEndpoint Administration Guidefor your OS.
- uid(username)(Optional) Specifies the name of an alternatePAM Server Controladmin that may be used to log into the target database.
- password(pw)Specifies the password of the user ID in the uid token.
Example: Connect to the Local Host
To connect to the local seosdb database, use the following command:
hosts @
To connect to a local PMDB, use the following command:
hosts PMDB@
Example: Let a User or Group Update Remote Hosts
To give a user authorization to update the remote host database from the local database, on the remote host enter the command:
authorize TERMINAL local_host uid user_name access(write)
To give a group authorization to update the remote host database from the local database, on the remote host enter the command:
authorize TERMINAL local_host gid(group_name) access(write)
Example: Apply selang Commands to a Remote Policy Model
To apply all subsequent commands to the Policy Model on the station h1, type the command:
hosts Policy@h1
If the connection to
Policy@h1
is successful, the following message appears.Successfully connected to h1
All commands entered from now on are directed to Policy@h1 and not to the local host. The selang prompt changes to the following:
Remote_PAMSC>
Example: Apply selang Commands to a Remote Host
To apply all future commands to the station athena, type the command:
hosts athena
If successful connections are made to athena, the following messages appear on the screen.
(athena)Successfully connectedINFO: Target version is 2.50
Any command you enter is applied to athena and is not sent to the local host. If you add a new user, the user is only added to athena, as shown in this example:
Remote_PAMSC>newusr steve(athena) USER steve successfully added.
Example: Connect as a Different User
You can use the uid and password parameters to log into the database (seosdb or PMDB) as a different user. This is useful when connecting to the local or remote host as administrator (root).
hosts @ uid(root) password(P@ssword01)