sepmdd Daemon (UNIX)
The Policy Model daemon.
capamsc141
The Policy Model daemon.
The sepmdd daemon is the PMDB daemon. The sepmdd daemon performs the following functions:
- Administers thePrivileged Access Managerand UNIX databases of the Policy Model.
- Administers the subscriber database.
- Propagates changes from the PMDB to the subscriber databases.
You can find the sepmdd daemon in the
ACInstallDir
/lbin directory. The daemon starts the PMDB if it is already created.- Syntaxsepmdd policyModel
- Parameters
- policyModelThe name of the Policy Model.
- Other FilesNo other special files are used.
When you use selang and choose a Policy Model as your target (using hosts pmd@hostname), queries to sepmdd apply to the PMDB.
Queries do not apply to the various subscriber databases.
- Ensure that a PMDB does not become a subscriber of itself. If a PMDB is subscribed to itself, the Policy Model may block or the network may become overloaded, filling the disk in the process.
- When updating a Policy Model in the UNIX environment of selang, do not specify more than one user in the newusr command, or specify more than one group in the newgrp command.
- When updating UNIX file attributes from selang, the Policy Model generates a message stating that the command was passed to its subscribers.
- When working on a Policy Model, you cannot query the status of UNIX file attributes.
- If you set the value of _shutoff_timeout_ to zero, the sepmdd daemon remains up and running indefinitely until you shut it off manually. Use the command sepmd -k to shut down the Policy Model daemon.