test

系统管理指南:名称和目录服务(DNS、NIS 和 LDAP)

基于角色的访问控制和执行配置文件架构

/etc/user_attr 是与用户和角色相关联的扩展属性的本地源。有关更多信息,请参见 user_attr(4)

基于角色的访问控制 属性如下所示:


( 1.3.6.1.4.1.42.2.27.5.1.4 NAME 'SolarisAttrKeyValue'

  DESC 'Semi-colon separated key=value pairs of attributes'

  EQUALITY caseIgnoreIA5Match

  SUBSTRINGS caseIgnoreIA5Match

  SYNTAX 'IA5String' SINGLE-VALUE )

 

( 1.3.6.1.4.1.42.2.27.5.1.7 NAME 'SolarisAttrShortDesc'

  DESC 'Short description about an entry, used by GUIs'

  EQUALITY caseIgnoreIA5Match

  SYNTAX 'IA5String' SINGLE-VALUE )

 

( 1.3.6.1.4.1.42.2.27.5.1.8 NAME 'SolarisAttrLongDesc'

  DESC 'Detail description about an entry'

  EQUALITY caseIgnoreIA5Match

  SYNTAX 'IA5String' SINGLE-VALUE )

 

( 1.3.6.1.4.1.42.2.27.5.1.9 NAME 'SolarisKernelSecurityPolicy'

  DESC 'Solaris  kernel security policy'

  EQUALITY caseIgnoreIA5Match

  SYNTAX 'IA5String' SINGLE-VALUE )

 

( 1.3.6.1.4.1.42.2.27.5.1.10 NAME 'SolarisProfileType'

  DESC 'Type of object defined in profile'

  EQUALITY caseIgnoreIA5Match

  SYNTAX 'IA5String' SINGLE-VALUE )

 

( 1.3.6.1.4.1.42.2.27.5.1.11 NAME 'SolarisProfileId'

  DESC 'Identifier of object defined in profile'

  EQUALITY caseExactIA5Match

  SYNTAX 'IA5String' SINGLE-VALUE )

 

( 1.3.6.1.4.1.42.2.27.5.1.12 NAME 'SolarisUserQualifier'

  DESC 'Per-user login attributes'

  EQUALITY caseIgnoreIA5Match

  SYNTAX 'IA5String' SINGLE-VALUE )

 

( 1.3.6.1.4.1.42.2.27.5.1.13 NAME 'SolarisReserved1'

  DESC 'Reserved for future use'

  EQUALITY caseIgnoreIA5Match

  SYNTAX 'IA5String' SINGLE-VALUE )

 

( 1.3.6.1.4.1.42.2.27.5.1.14 NAME 'SolarisReserved2'

  DESC 'Reserved for future use'

  EQUALITY caseIgnoreIA5Match

  SYNTAX 'IA5String' SINGLE-VALUE )

基于角色的访问控制 objectClassses 如下所示:


( 1.3.6.1.4.1.42.2.27.5.2.3 NAME 'SolarisUserAttr' SUP top AUXILIARY

  DESC 'User attributes'

  MAY ( SolarisUserQualifier $ SolarisAttrReserved1 $ \

        SolarisAttrReserved2 $ SolarisAttrKeyValue ) )

 

( 1.3.6.1.4.1.42.2.27.5.2.4 NAME 'SolarisAuthAttr' SUP top STRUCTURAL

  DESC 'Authorizations data'

  MUST cn

  MAY ( SolarisAttrReserved1 $ SolarisAttrReserved2 $ \

        SolarisAttrShortDesc $ SolarisAttrLongDesc $ \

        SolarisAttrKeyValue ) )

 

( 1.3.6.1.4.1.42.2.27.5.2.5 NAME 'SolarisProfAttr' SUP top STRUCTURAL

  DESC 'Profiles data'

  MUST cn

  MAY ( SolarisAttrReserved1 $ SolarisAttrReserved2 $ \

        SolarisAttrLongDesc $ SolarisAttrKeyValue ) )

 

( 1.3.6.1.4.1.42.2.27.5.2.6 NAME 'SolarisExecAttr' SUP top AUXILIARY

  DESC 'Profiles execution attributes'

  MAY ( SolarisKernelSecurityPolicy $ SolarisProfileType $ \

        SolarisAttrReserved1 $ SolarisAttrReserved2 $ \

        SolarisProfileId $ SolarisAttrKeyValue ) )