sepmdd Daemon (UNIX)

The Policy Model daemon.
capamsc141
The Policy Model daemon.
The sepmdd daemon is the PMDB daemon. The sepmdd daemon performs the following functions:
  • Administers the
    Privileged Access Manager
    and UNIX databases of the Policy Model.
  • Administers the subscriber database.
  • Propagates changes from the PMDB to the subscriber databases.
You can find the sepmdd daemon in the
ACInstallDir
/lbin directory. The daemon starts the PMDB if it is already created.
  • Syntax
    sepmdd policyModel
  • Parameters
    • policyModel
      The name of the Policy Model.
  • Other Files
    No other special files are used.
When you use selang and choose a Policy Model as your target (using hosts pmd@hostname), queries to sepmdd apply to the PMDB.
Queries do not apply to the various subscriber databases.
  • Ensure that a PMDB does not become a subscriber of itself. If a PMDB is subscribed to itself, the Policy Model may block or the network may become overloaded, filling the disk in the process.
  • When updating a Policy Model in the UNIX environment of selang, do not specify more than one user in the newusr command, or specify more than one group in the newgrp command.
  • When updating UNIX file attributes from selang, the Policy Model generates a message stating that the command was passed to its subscribers.
  • When working on a Policy Model, you cannot query the status of UNIX file attributes.
  • If you set the value of _shutoff_timeout_ to zero, the sepmdd daemon remains up and running indefinitely until you shut it off manually. Use the command sepmd -k to shut down the Policy Model daemon.