CA (Privileged Identity Manager) Tuesday Tip by Vinay Reddy, Support Engineer, for 3/24/2014
Sometimes we get a scenario where we need to run the Privileged Identity Manager (Control Minder) in parallel with SELinux. If both are running on the server at a given time, the Control Minder sewhoami utility detects every user who logs in to the server as root.
To mitigate this, Control Minder is packed with an executable which allows both SELinux and Privileged Identity Manager to run in conjunction.
To achieve this, perform the steps below:
[root@Server lbin]# ./sshd_policy.sh
/usr/bin/checkmodule: loading policy configuration from /tmp/AC_TMP.31027/CAeAC.te
/usr/bin/checkmodule: policy configuration loaded
/usr/bin/checkmodule: writing binary representation (version 6) to /tmp/AC_TMP.31027/CAeAC.mod
Thank You for Reading and Have a Good Day!!
Thanks for sharing this tip with the CA Security Community, VinayReddy!
Can this also be tagged with "selinux", "sewhoami" and "root" for more visibility? I have had this scenario come up several times and it manifests itself with sewhoami returning root. It is not obvious that selinux being enabled is the cause until we see this document. Thanks.
Added the tags as suggested by you. Thanks