[ Team LiB ] Previous Section Next Section

Commands for Managing Role-Based Access Control

Direct editing of the databases is not recommended. Instead, use the SMC tools to manage role-based access control. You can also use the commands listed in Table 43 to manage role-based access control.

Table 43. Commands for Managing Role-Based Access Control

Command

Description

auths(1)

Display authorizations for a user.

makedbm(1M)

Make a dbm file.

ncsd(1M)

Nameservice cache daemon. This daemon is useful for caching the user_attr, prof_attr, and exec_attr databases.

pam_roles(5)

Role account management module for PAM. Checks for the authorization to assume a role.

pfexec(1)

pfsh(1)

pfcsh(1)

pfksh(1)

Profile shells, used to execute commands with attributes specified in the exec_attr database.

policy.conf(4)

Configuration file for security policy. Lists granted authorizations.

profiles(1)

Display profiles for a specified user.

roles(1)

Display roles granted to a user.

roleadd(1M)

Add a role account on the system.

roledel(1M)

Delete a role's account from the system.

rolemod(1M)

Modify a role's account information on the system.

useradd(1M)

Add a user account on the system. The -P option assigns a policy, the -R option assigns a role, the -A option assigns an authorization.

userdel(1M)

Delete a user's login from the system.

usermod(1M)

Modify a user's account information on the system. The -P option modifies a policy, the -R option modifies a role, and the -A option modifies an authorization.

    [ Team LiB ] Previous Section Next Section