This document guides you on how to create a sudo control rule in EPM macOS with device-type segregation, allowing you to apply specific rules only to selected machines.
Access path
- In Segura, on the navigation bar, hover over the product menu and select EPM.
- In the side menu, select Policies > macOS > Sudo rules.
- Click Add to start creating a new rule.
Segregation screen
- On the Segregation screen, select the Device option.
This option allows applying the rule only to specific devices with the EPM agent active.
- Click Continue.
Sudo rules tab
- Fill in the following fields:
- Identification Name*: define a representative name for the rule.
- Enabled*: select Yes to activate immediately.
- Commands for rule application (must be used the full path)*: enter the full path of the command to be controlled.
- It should be NOPASSWD?*: select Yes if you want to allow execution without a password prompt.
- Description: enter additional notes about the rule.
- Click Continue to proceed to the next step.
Devices tab
- Click the Add button.
- In the displayed window, select the desired devices.
- Use the search field to locate devices by name, IP, domain, or operating system.
- Click Add in the bottom corner of the window.
The selected devices will be listed in the table.
- Click Continue to proceed.
Review tab
- Review all the information entered.
- If everything is correct, click Save to complete the rule registration.