How the Kernel Unloading Exits Work
To let you control operating system and third-party processes, Privileged Identity Manager lets you automatically make calls to UNIX exits when unloading the Privileged Identity Manager kernel extension.
cminder12801
To let you control operating system and third-party processes, Privileged Identity Manager lets you automatically make calls to UNIX exits when unloading the Privileged Identity Manager kernel extension.
When you run
SEOS_load -u
, Privileged Identity Manager performs the following actions:- Looks for programs in the following directory:ACInstallDir/exits/LOAD
- Selects all the programs that have file names of the following format:
WhereSEOS_unload_string.alwaysstringcan be any descriptive strings. - Executes, in lexicographical order, each file it found in the directoryACInstallDir/exits/LOAD:
Each file is executed with theSEOS_load_string.always -pre-preparameter so that you can write your exits to detect the parameter and perform the actions required before the kernel is unloaded.If the exit returns a nonzero value, Privileged Identity Manager kills the exit process, displays an error message, and aborts the kernel unloading. - Tries to unload the kernel.If the kerneldoes notunload:
- Selects all the programs that have file names of the following format:
SEOS_unload_SEOS_unload_string.opt Executes, in lexicographical order, each file it found in the directory ACInstallDir/exits/LOAD: SEOS_unload_string.opt -preEach file is executed with the -pre parameter so that you can write your conditional exits to detect the parameter and perform the additional optional actions required before the kernel is unloaded.Note: If the exit returns a nonzero value, Privileged Identity Manager kills the exit process, displays an error message, and aborts the kernel unloading.Unloads the kernel.Executes, in lexicographical order, each file it found in the directory ACInstallDir/exits/LOAD: SEOS_unload_string.opt -postEach file is executed with the -post parameter so that you can write your conditional exits to detect the parameter and perform the additional optional actions required before the kernel is unloaded.Note: If the exit returns a nonzero value, Privileged Identity Manager kills the exit process and displays an error message. Having already been unloaded, the Privileged Identity Manager kernel remains unloaded.string.opt- Executes, in lexicographical order, each file it found in the directoryACInstallDir/exits/LOAD:
- Executes, in lexicographical order, each file it found in the directoryACInstallDir/exits/LOAD:
Each file is executed with theSEOS_unload_string.always -post-postparameter so that you can write your exits to detect the parameter and perform the actions required after the kernel is loaded.If the exit returns a nonzero value, Privileged Identity Manager kills the exit process and displays an error message. Having already been unloaded, the Privileged Identity Manager kernel remains not loaded.