seosd Daemon
Valid on UNIX
capamsc141
Valid on UNIX
The
Privileged Access Manager
authorization daemon. The executable file seosd is the main Privileged Access Manager
daemon. A daemon is a process that has disconnected from both its controlling TTY and its parent process. The Privileged Access Manager
daemon makes the runtime decisions that are required to grant or deny access to a resource.Only root can invoke seosd, and only a user with the ADMIN or OPERATOR attribute can shut it down.
The
Privileged Access Manager
daemon opens, reads, and updates the database. No other process can access this database while the Privileged Access Manager
daemon is running. The Privileged Access Manager
daemon also blocks any write, delete, or rename access to critical files. These files include the Privileged Access Manager
audit and trace files and, optionally, the Privileged Access Manager
binary files.The seosd executable becomes a daemon only if one or both of the following conditions are true:
- The trace messages are not sent to the screen. You set the trace_to token in the seos.ini file tofile,file, stop, ornone.
- You specify no argument (except-d) on the command line when invoking the utility.
If none of these conditions are true, seosd remains a regular process, which is connected to the terminal from which you invoked it.
During startup, seosd also invokes the following processes:
- seagent, thePrivileged Access Manageragent daemon.
- seoswd, thePrivileged Access Managerwatchdog daemon.
The
Privileged Access Manager
daemon is initialized only after these daemons are also running. After initialization, these three daemons maintain a type of handshaking protocol to ensure that they are all alive and responding. If one of these daemons is found to be absent, one of the other two daemons automatically restarts it.This command has the following format:
seosd [-d|argument]
If you enter seosd with no arguments, it runs seosd as a daemon.
- argumentIgnored. However, if you specify an argument, seosd remains a regular process.
- -dRuns seosd as a daemon and forces tracing to the trace_file.