Transitioning From Oracle® Solaris 10 to Oracle Solaris 11.2

Exit Print View

 
Updated: December 2014
 
 

About Rights Profiles

Rights profiles are collections of authorizations and other security attributes, commands with security attributes, and supplementary rights profiles. Oracle Solaris provides many rights profiles. You can modify existing rights profiles, as well as create new ones. Note that rights profiles must be assigned in order, from most to least powerful.

    The following are some of the rights profiles that are available:

  • System Administrator – Is a profile that is able to perform most tasks that are not connected with security. This profile includes several other profiles to create a powerful role. Use the profiles command to display information about this profile. See Example 9–1.

  • Operator – Is a profile with limited capabilities to manage files and offline media.

  • Printer Management – Is a profile that provides a limited number of commands and authorizations to handle printing.

  • Basic Solaris User – Is a profile that enables users to use the system within the bounds of security policy. This profile is listed by default in the policy.conf file.

  • Console User – Is a profile for the workstation owner. This profile provides access to authorizations, commands, and actions for the person who is seated at the computer.

Other rights profiles that are available in this release include the All rights profile and the Stop rights profile. See Chapter 8, Reference for Oracle Solaris Rights, in Securing Users and Processes in Oracle Solaris 11.2 .

Example 9-1  Displaying Information About the System Administrator Rights Profile

Use the profiles command to display information about a specific rights profile. In the following example, information about the System Administrator rights profile is displayed:

$ profiles -p "System Administrator" info
name=System Administrator
desc=Can perform most non-security administrative tasks
profiles=Install Service Management,Audit Review,Extended Accounting Flow
Management,Extended Accounting Net Management,Extended Accounting Process Management,
Extended Accounting Task Management,Printer Management,Cron Management,Device Management,
File System Management,Log Management,Mail Management,Maintenance and Repair,
Media Backup,Media Catalog,Media Restore,Name Service Management,Network Management
Object Access Management,Process Management,Project Management,RAD Management,
Service Operator,Shadow Migration Monitor,Software Installation,System
Configuration,User Management,ZFS Storage Management
help=RtSysAdmin.html
Copyright © 2011, 2014, Oracle and/or its affiliates. All rights reserved. Legal Notices
Previous
Next