Implementation question regarding surrogate policies
Here we explain a sample on how to use surrogate policies in a pamsc case
Release : 4.1.x
PAMSC 14.1.x
Guidance on setting up a surrogate policy
This is the official documentation
As a sample, this can be implemented using following policy :
er PROGRAM /opt/CA/PAMSC/bin/sesu owner(nobody) defaccess(N) trust
auth PROGRAM /opt/CA/PAMSC/bin/sesu xgid(******) acc(A)
er SURROGATE USER._default defaccess(n)
er SURROGATE USER.root defacc(n)
auth SURROGATE USER.root xgid(*******) acc(A)
er SURROGATE USER.ans defacc(n)
auth SURROGATE USER.ans xuid(*****) acc(a)