Abstract: A system and method for managing multiple server computer systems on a computer network. The functions of a central management server are distributed to multiple daemons executing independently of each other on one or more computer systems. Distributing the functions of the central management server to separate multiple daemons substantially improves the reliability of a multi-server management application.

Abstract: A method and apparatus for delegating root access to non-root users of a computer system while maintaining computer system security are disclosed. Such a method may include authorizing a role for a user, wherein the authorized role includes one or more tools and the tools enable root access for certain tasks that the tools perform when run, whereby the one or more tools are delegated to the user and authorizing a machine of the computer system for the authorized role, wherein the computer system comprises a plurality of machines and the user is enabled to utilize the authorized role only on authorized machines, whereby utilizing the authorized role comprises running the one or more tools of the authorized role. Embodiments of the invention may comprise authorization objects that comprise attributes identifying a user and the roles and machine for which the user is authorized.

Abstract: A method and apparatus for managing tool execution via roles on a computer system while maintaining computer system security, wherein the computer system comprises a plurality of roles, are disclosed. Such a method and apparatus may include delegating tools to a user based on a role, wherein a tool provides root access for performing a specific task in the computer system and the role is an authorized role that enables the user to run the delegated tools, identifying one of the plurality of roles to be disabled, wherein the identified role is the authorized role, accessing the identified role, and, disabling the identified role so that the user cannot run the delegated tool(s). Disabled roles may likewise be enabled according to a disclosed method and apparatus. Embodiments of the invention may comprise authorization objects that comprise attributes identifying the roles and machine for which a user is authorized.

Abstract: A service control manager (SCM) module may, through a light weight centraized authorization process, assign certain tools to a role so that a non-root user with such role may run the authorized commands specified in the tools as a root user. The usage of these commands is tracked and logged, typically by a log manager who observes each of the commands that are run within the role. If the non-root user tries to run a command that is not assigned to the role, the log manager may block that attempt. Therefore the lightweight authorization may be achieved without compromising security. The user may also be given a finer granularity of running specific commands and options. In addition, the non-root user with the role may only need to be authorized on one node (machine) to be able to perform the commands on multiple nodes.

Abstract: An embodiment of an object class test involves constructing objects from classes, developing a unit class test for each object, passing data into each object using the unit class test, and retrieving data from each object using the unit class test to determine if the object is functional. Accordingly, the object class test ensures that each object is functional before the objects are installed in a software development system. In addition, the object class test documents and implements source code necessary to produce standard output messages from the unit class test for each class, thus formalizing the object class test output into an easily parseable and human readable format.

Abstract: A service control manager (SCM) module may, through a light weight centraized authorization process, assign certain tools to a role so that a non-root user with such role may run the authorized commands specified in the tools as a root user. The usage of these commands is tracked and logged, typically by a log manager who observes each of the commands that are run within the role. If the non-root user tries to run a command that is not assigned to the role, the log manager may block that attempt. Therefore the lightweight authorization may be achieved without compromising security. The user may also be given a finer granularity of running specific commands and options. In addition, the non-root user with the role may only need to be authorized on one node (machine) to be able to perform the commands on multiple nodes.

Abstract: A system and method for managing multiple server computer systems on a computer network. The functions of a central management server are distributed to multiple daemons executing independently of each other on one or more computer systems. Distributing the functions of the central management server to separate multiple daemons substantially improves the reliability of a multi-server management application.

Abstract: A method and apparatus for managing tool execution via roles on a computer system while maintaining computer system security, wherein the computer system comprises a plurality of roles, are disclosed. Such a method and apparatus may include delegating tools to a user based on a role, wherein a tool provides root access for performing a specific task in the computer system and the role is an authorized role that enables the user to run the delegated tools, identifying one of the plurality of roles to be disabled, wherein the identified role is the authorized role, accessing the identified role, and, disabling the identified role so that the user cannot run the delegated tool(s). Disabled roles may likewise be enabled according to a disclosed method and apparatus. Embodiments of the invention may comprise authorization objects that comprise attributes identifying the roles and machine for which a user is authorized.

Abstract: A method and apparatus for delegating root access to non-root users of a computer system while maintaining computer system security are disclosed. Such a method may include authorizing a role for a user, wherein the authorized role includes one or more tools and the tools enable root access for certain tasks that the tools perform when run, whereby the one or more tools are delegated to the user and authorizing a machine of the computer system for the authorized role, wherein the computer system comprises a plurality of machines and the user is enabled to utilize the authorized role only on authorized machines, whereby utilizing the authorized role comprises running the one or more tools of the authorized role. Embodiments of the invention may comprise authorization objects that comprise attributes identifying a user and the roles and machine for which the user is authorized.

Abstract: A method and apparatus of logging events independently and separately from other processes in a computer system are disclosed. A method for logging events by cloning a log entry submitted by a consumer and releasing control of the log entry to the consumer so that execution of an event may continue is disclosed. A log manager that receives requests for writing event log entries to a log file while enabling the execution of the event to continue independently is disclosed.