seosd Daemon

Valid on UNIX
capamsc141
Valid on UNIX
The
Privileged Access Manager
authorization daemon. The executable file seosd is the main 
Privileged Access Manager
daemon. A daemon is a process that has disconnected from both its controlling TTY and its parent process. The 
Privileged Access Manager
daemon makes the runtime decisions that are required to grant or deny access to a resource.
Only root can invoke seosd, and only a user with the ADMIN or OPERATOR attribute can shut it down.
The 
Privileged Access Manager
daemon opens, reads, and updates the database. No other process can access this database while the 
Privileged Access Manager
daemon is running. The 
Privileged Access Manager
daemon also blocks any write, delete, or rename access to critical files. These files include the 
Privileged Access Manager
audit and trace files and, optionally, the 
Privileged Access Manager
binary files.
The seosd executable becomes a daemon only if one or both of the following conditions are true:
  • The trace messages are not sent to the screen. You set the trace_to token in the seos.ini file to
    file
    ,
    file, stop
    , or
    none
    .
  • You specify no argument (except-d) on the command line when invoking the utility.
If none of these conditions are true, seosd remains a regular process, which is connected to the terminal from which you invoked it.
During startup, seosd also invokes the following processes:
  • seagent, the 
    Privileged Access Manager
    agent daemon.
  • seoswd, the 
    Privileged Access Manager
    watchdog daemon.
The 
Privileged Access Manager
daemon is initialized only after these daemons are also running. After initialization, these three daemons maintain a type of handshaking protocol to ensure that they are all alive and responding. If one of these daemons is found to be absent, one of the other two daemons automatically restarts it.
This command has the following format:
seosd [-d|argument]
If you enter seosd with no arguments, it runs seosd as a daemon.
  • argument
    Ignored. However, if you specify an argument, seosd remains a regular process.
  • -d
    Runs seosd as a daemon and forces tracing to the trace_file.