sysh(1M)
NAME | SYNOPSIS | DESCRIPTION | ATTRIBUTES | SEE ALSO | WARNINGS | NOTES
NAME
- sysh- System shell
SYNOPSIS
-
sysh [-acefhiknpPrstuvx] [argument...]
DESCRIPTION
- setprof [ profilename ]
-
sysh uses the specified profile to determine security attributes and privileges for executing subsequent commands. This switch is useful when the same command needs to be run with different privileges at different times. The default profile is the "boot" profile, used when sysh starts up and when setprof is called with no arguments.
sysh, the system shell, is a modified version of the Bourne shell, sh(1). sysh is used to control the use of privileges in commands run from the rc scripts. sysh allows any command to be executed but consults profiles for the privileges, user ID (UID), group ID (GID), and sensitivity label (SL) with which the command is to be run.
The system shell can be run only from a process with the Trusted Path attribute.
USAGE
Refer to the sh(1) man page for a complete usage description. The sysh command adds the setprof command.
To list profiles and privileges that are being used by any command in a profile shell, use the smprofile(1) command. See EXAMPLES on the smprofile page for examples of using smprofile list.
Commands
ATTRIBUTES
See attributes(5) for descriptions of the following attributes:
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
|---|---|
| Availability | SUNWtsrSUNWtsu |
SEE ALSO
WARNINGS
sysh normally has all privileges forced so it can run commands with privileges. If sysh finds that a command needs privileges that sysh is not permitted, a warning message is printed and the command is run with no privileges.
NOTES
These interfaces are uncommitted. Although they are not expected to change between minor releases of the Trusted Solaris environment, they may.
NAME | SYNOPSIS | DESCRIPTION | ATTRIBUTES | SEE ALSO | WARNINGS | NOTES
- © 2010, Oracle Corporation and/or its affiliates