pagdel Command

Purpose

Removes any existing PAG association within the current process' credentials.

Syntax

paginit [ -R module_name ] [ username ]

Description

The pagdel command will remove the PAG identifier from the current process' credentials structure. If the -R option is omitted, the registry attribute will be used as the module_name.

Flags

Item Description
-R module_name Specifies a load module found in /usr/lib/security/modules.cfg. The load_module will be asked to delete any PAG currently associated with the process.

Security

Access Control: This command should grant execute (x) access only to the root user and members of the security group. This command should be installed as a program in the trusted computing base (TCB). The command should be owned by the root user with the setuid (SUID) bit set.

Auditing

USER_PagDelete

Example

To remove the PKI authentication certificate associated with the current process, type:
pagdel -R FPKI