System Administration Guide: IP Services

Setting Up User Access to DHCP Commands

By default, only root or superuser can execute dhcpconfig, dhtadm, and pntadm commands. If you want non root users to use the commands, you can set up role-based access control (RBAC) for those commands.

Roles contain authorizations and privileged commands. For more information about roles, see Configuring RBAC (Task Map) in System Administration Guide: Security Services.

You might also find the following man pages helpful: rbac(5), exec_attr(4), and user_attr(4).

The following procedure explains how to assign the DHCP Management profile, which enables the user to execute the DHCP commands.

ProcedureHow to Grant Users Access to DHCP Commands

  1. Become superuser on the DHCP server system.

  2. Edit the file /etc/user_attr to add an entry of the following form. Add one entry for each user or role that should manage the DHCP service.

    username::::type=normal;profiles=DHCP Management

    For example, for user ram, you would add the following entry:

    ram::::type=normal;profiles=DHCP Management