How the Kernel Unloading Exits Work

To let you control operating system and third-party processes, Privileged Identity Manager lets you automatically make calls to UNIX exits when unloading the Privileged Identity Manager kernel extension.
cminder12801
To let you control operating system and third-party processes, Privileged Identity Manager lets you automatically make calls to UNIX exits when unloading the Privileged Identity Manager kernel extension.
When you run
SEOS_load -u
, Privileged Identity Manager performs the following actions:
  1. Looks for programs in the following directory:
    ACInstallDir/exits/LOAD
  2. Selects all the programs that have file names of the following format:
    SEOS_unload_string.always
    Where
    string
    can be any descriptive strings.
  3. Executes, in lexicographical order, each file it found in the directory
    ACInstallDir
    /exits/LOAD:
    SEOS_load_string.always -pre
    Each file is executed with the
    -pre
    parameter so that you can write your exits to detect the parameter and perform the actions required before the kernel is unloaded.
    If the exit returns a nonzero value, Privileged Identity Manager kills the exit process, displays an error message, and aborts the kernel unloading.
  4. Tries to unload the kernel.
    If the kernel
    does not
    unload:
    1. Selects all the programs that have file names of the following format:
    SEOS_unload_string.opt Executes, in lexicographical order, each file it found in the directory ACInstallDir/exits/LOAD: SEOS_unload_string.opt -preEach file is executed with the -pre parameter so that you can write your conditional exits to detect the parameter and perform the additional optional actions required before the kernel is unloaded.Note: If the exit returns a nonzero value, Privileged Identity Manager kills the exit process, displays an error message, and aborts the kernel unloading.Unloads the kernel.Executes, in lexicographical order, each file it found in the directory ACInstallDir/exits/LOAD: SEOS_unload_string.opt -postEach file is executed with the -post parameter so that you can write your conditional exits to detect the parameter and perform the additional optional actions required before the kernel is unloaded.Note: If the exit returns a nonzero value, Privileged Identity Manager kills the exit process and displays an error message. Having already been unloaded, the Privileged Identity Manager kernel remains unloaded.
    SEOS_unload_
    string
    .opt
    1. Executes, in lexicographical order, each file it found in the directory
      ACInstallDir
      /exits/LOAD:
  5. Executes, in lexicographical order, each file it found in the directory
    ACInstallDir
    /exits/LOAD:
    SEOS_unload_string.always -post
    Each file is executed with the
    -post
    parameter so that you can write your exits to detect the parameter and perform the actions required after the kernel is loaded.
    If the exit returns a nonzero value, Privileged Identity Manager kills the exit process and displays an error message. Having already been unloaded, the Privileged Identity Manager kernel remains not loaded.