System Administration Guide: Basic Administration

RBAC Security Files

The RBAC security files that work with the Solaris Management Console are created when you upgrade to or install at least the Solaris 9 release. If you do not install the Solaris Management Console packages, the RBAC security files are installed without the necessary data for using RBAC. For information on the Solaris Management Console packages, see Troubleshooting the Solaris Management Console.

The RBAC security files if you are running at least the Solaris 9 release are included in your name service so that you can use the Solaris Management Console tools in a name service environment.

The security files on a local server are populated into a name service environment as part of a standard upgrade by the ypmake, nispopulate, or equivalent LDAP commands.

The following name services are supported:


Note –

The projects database is not supported in the NIS+ environment.


The RBAC security files are created when you upgrade to or install at least the Solaris 9 release.

This table briefly describes the predefined security files that are installed on a system that is running at least the Solaris 9 release.

Table 2–3 RBAC Security Files

Local File Name 

Table or Map Name 

Description 

/etc/user_attr

user_attr

Associates users and roles with authorizations and rights profiles 

/etc/security/auth_attr

auth_attr

Defines authorizations and their attributes and identifies associated help files 

/etc/security/prof_attr

prof_attr

Defines rights profiles, lists the rights profiles assigned to the authorizations, and identifies associated help files 

/etc/security/exec_attr

exec_attr

Defines the privileged operations assigned to a rights profile 

For unusual upgrade cases, you might have to use the smattrpop command to populate RBAC security files in the following instances:

For more information, see Role-Based Access Control (Overview) in System Administration Guide: Security Services.