Implementation question regarding surrogate policies

Here we explain a sample on how to use surrogate policies in a pamsc case

Release : 4.1.x

PAMSC 14.1.x

Guidance on setting up a surrogate policy

This is the official documentation

As a sample, this can be implemented using following policy :

er PROGRAM /opt/CA/PAMSC/bin/sesu owner(nobody) defaccess(N) trust

auth PROGRAM /opt/CA/PAMSC/bin/sesu xgid(******) acc(A)

er SURROGATE USER._default defaccess(n)

er SURROGATE USER.root defacc(n)

auth SURROGATE USER.root xgid(*******) acc(A)

er SURROGATE USER.ans defacc(n)

auth SURROGATE USER.ans xuid(*****) acc(a)