JavaScript is required to for searching.
Skip Navigation Links
Exit Print View
man pages section 1: User Commands     Oracle Solaris 10 8/11 Information Library
Oracle Technology Network
Library
PDF
Print View
Feedback
search filter icon
search icon

Document Information

Preface

Introduction

User Commands

acctcom(1)

adb(1)

addbib(1)

admin(1)

aedplot(1B)

alias(1)

allocate(1)

amt(1)

appcert(1)

apptrace(1)

apropos(1)

ar(1)

arch(1)

as(1)

asa(1)

at(1)

atoplot(1B)

atq(1)

atrm(1)

audioconvert(1)

audioplay(1)

audiorecord(1)

auths(1)

auto_ef(1)

awk(1)

banner(1)

basename(1)

basename(1B)

batch(1)

bc(1)

bdiff(1)

bfs(1)

bg(1)

bgplot(1B)

biff(1B)

break(1)

cal(1)

calendar(1)

cancel(1)

case(1)

cat(1)

cc(1B)

cd(1)

cdc(1)

cdrw(1)

chdir(1)

checkeq(1)

checknr(1)

chgrp(1)

chkey(1)

chmod(1)

chown(1)

chown(1B)

ckdate(1)

ckgid(1)

ckint(1)

ckitem(1)

ckkeywd(1)

ckpath(1)

ckrange(1)

ckstr(1)

cksum(1)

cktime(1)

ckuid(1)

ckyorn(1)

clear(1)

cmp(1)

cocheck(1F)

cocreate(1F)

codestroy(1F)

col(1)

comb(1)

comm(1)

command(1)

compress(1)

continue(1)

coproc(1F)

coreceive(1F)

cosend(1F)

cp(1)

cpio(1)

cpp(1)

cputrack(1)

crle(1)

crontab(1)

crtplot(1B)

crypt(1)

csh(1)

csplit(1)

ct(1C)

ctags(1)

ctrun(1)

ctstat(1)

ctwatch(1)

cu(1C)

cut(1)

date(1)

dc(1)

deallocate(1)

decrypt(1)

delta(1)

deroff(1)

df(1B)

dhcpinfo(1)

diff(1)

diff3(1)

diffmk(1)

digest(1)

digestp(1)

dircmp(1)

dirname(1)

dirs(1)

dis(1)

disable(1)

dispgid(1)

dispuid(1)

dos2unix(1)

download(1)

dpost(1)

dtappsession(1)

du(1)

du(1B)

dumbplot(1B)

dump(1)

dumpcs(1)

dumpkeys(1)

echo(1)

echo(1B)

echo(1F)

ed(1)

edit(1)

egrep(1)

eject(1)

elfdump(1)

elfedit(1)

elfsign(1)

elfwrap(1)

enable(1)

encrypt(1)

enhance(1)

env(1)

eqn(1)

errange(1)

errdate(1)

errgid(1)

errint(1)

erritem(1)

error(1)

errpath(1)

errstr(1)

errtime(1)

erruid(1)

erryorn(1)

eval(1)

ex(1)

exec(1)

exit(1)

expand(1)

export(1)

exportfs(1B)

expr(1)

expr(1B)

exstr(1)

face(1)

factor(1)

false(1)

fastboot(1B)

fasthalt(1B)

fc(1)

fdformat(1)

fg(1)

fgrep(1)

file(1)

file(1B)

filep(1)

filesync(1)

filofaxp(1)

find(1)

finger(1)

fmlcut(1F)

fmlexpr(1F)

fmlgrep(1F)

fmli(1)

fmt(1)

fmtmsg(1)

fold(1)

for(1)

foreach(1)

franklinp(1)

from(1B)

ftp(1)

ftpcount(1)

ftpwho(1)

function(1)

gcore(1)

gencat(1)

geniconvtbl(1)

genlayouttbl(1)

genmsg(1)

get(1)

getconf(1)

getfacl(1)

getfrm(1F)

getitems(1F)

getlabel(1)

getopt(1)

getoptcvt(1)

getopts(1)

gettext(1)

gettxt(1)

getzonepath(1)

gigiplot(1B)

glob(1)

goto(1)

gprof(1)

graph(1)

grep(1)

groups(1)

groups(1B)

grpck(1B)

hash(1)

hashcheck(1)

hashmake(1)

hashstat(1)

head(1)

help(1)

helpdate(1)

helpgid(1)

helpint(1)

helpitem(1)

helppath(1)

helprange(1)

helpstr(1)

helptime(1)

helpuid(1)

helpyorn(1)

history(1)

hostid(1)

hostname(1)

hp7221plot(1B)

hpplot(1B)

i286(1)

i386(1)

i486(1)

i860(1)

iAPX286(1)

iconv(1)

idnconv(1)

if(1)

implot(1B)

indicator(1F)

indxbib(1)

install(1B)

ipcrm(1)

ipcs(1)

isainfo(1)

isalist(1)

jobs(1)

join(1)

jsh(1)

kbd(1)

kdestroy(1)

keylogin(1)

keylogout(1)

kill(1)

kinit(1)

klist(1)

kmdb(1)

kmfcfg(1)

kpasswd(1)

krb5-config(1)

ksh(1)

ktutil(1)

lari(1)

last(1)

lastcomm(1)

ld(1)

ld(1B)

ldap(1)

ldapadd(1)

ldapdelete(1)

ldaplist(1)

ldapmodify(1)

ldapmodrdn(1)

ldapsearch(1)

ldd(1)

ld.so.1(1)

let(1)

lex(1)

limit(1)

line(1)

lint(1B)

list_devices(1)

listusers(1)

llc2_autoconfig(1)

llc2_config(1)

llc2_stats(1)

ln(1)

ln(1B)

loadkeys(1)

locale(1)

localedef(1)

logger(1)

logger(1B)

login(1)

logname(1)

logout(1)

longline(1F)

look(1)

lookbib(1)

lorder(1)

lp(1)

lpc(1B)

lpq(1B)

lpr(1B)

lprm(1B)

lpstat(1)

lptest(1B)

ls(1)

ls(1B)

m4(1)

mac(1)

mach(1)

machid(1)

madv.so.1(1)

mail(1)

Mail(1B)

mail(1B)

mailcompat(1)

mailp(1)

mailq(1)

mailstats(1)

mailx(1)

make(1S)

man(1)

mconnect(1)

mcs(1)

mdb(1)

mesg(1)

message(1F)

mixerctl(1)

mkdir(1)

mkmsgs(1)

mkstr(1B)

mktemp(1)

moe(1)

more(1)

mp(1)

mpss.so.1(1)

msgfmt(1)

mt(1)

mv(1)

nawk(1)

nca(1)

ncab2clf(1)

ncakmod(1)

neqn(1)

newform(1)

newgrp(1)

news(1)

newsp(1)

newtask(1)

nice(1)

NIS+(1)

nis+(1)

nis(1)

niscat(1)

nischgrp(1)

nischmod(1)

nischown(1)

nischttl(1)

nisdefaults(1)

niserror(1)

nisgrep(1)

nisgrpadm(1)

nisln(1)

nisls(1)

nismatch(1)

nismkdir(1)

nisopaccess(1)

nispasswd(1)

nisrm(1)

nisrmdir(1)

nistbladm(1)

nistest(1)

nl(1)

nm(1)

nohup(1)

notify(1)

nroff(1)

od(1)

on(1)

onintr(1)

optisa(1)

pack(1)

page(1)

pagesize(1)

pargs(1)

passwd(1)

paste(1)

patch(1)

pathchk(1)

pathconv(1F)

pax(1)

pcat(1)

pcred(1)

pdp11(1)

perl(1)

pfcsh(1)

pfexec(1)

pfiles(1)

pfksh(1)

pflags(1)

pfsh(1)

pg(1)

pgrep(1)

pkginfo(1)

pkgmk(1)

pkgparam(1)

pkgproto(1)

pkgtrans(1)

pkill(1)

pktool(1)

plabel(1)

pldd(1)

plimit(1)

plot(1B)

plottoa(1B)

pmap(1)

popd(1)

postdaisy(1)

postdmd(1)

postio(1)

postmd(1)

postplot(1)

postprint(1)

postreverse(1)

posttek(1)

ppgsz(1)

ppriv(1)

pr(1)

praliases(1)

prctl(1)

preap(1)

prex(1)

print(1)

printenv(1B)

printf(1)

priocntl(1)

proc(1)

prof(1)

profiles(1)

projects(1)

prs(1)

prt(1)

prun(1)

ps(1)

ps(1B)

psig(1)

pstack(1)

pstop(1)

ptime(1)

ptree(1)

pushd(1)

pvs(1)

pwait(1)

pwd(1)

pwdx(1)

ranlib(1)

rcapstat(1)

rcp(1)

rdist(1)

read(1)

readfile(1F)

readonly(1)

red(1)

refer(1)

regcmp(1)

regex(1F)

rehash(1)

reinit(1F)

remote_shell(1)

remsh(1)

renice(1)

repeat(1)

reset(1B)

reset(1F)

return(1)

rksh(1)

rlogin(1)

rm(1)

rmail(1)

rmdel(1)

rmdir(1)

rmformat(1)

roffbib(1)

roles(1)

rpcgen(1)

rpm2cpio(1)

rsh(1)

run(1F)

runat(1)

rup(1)

rup(1C)

ruptime(1)

rusage(1B)

rusers(1)

rwho(1)

sact(1)

sag(1)

sar(1)

sccs(1)

sccs-admin(1)

sccs-cdc(1)

sccs-comb(1)

sccs-delta(1)

sccsdiff(1)

sccs-get(1)

sccs-help(1)

sccs-prs(1)

sccs-prt(1)

sccs-rmdel(1)

sccs-sact(1)

sccs-sccsdiff(1)

sccs-unget(1)

sccs-val(1)

scp(1)

script(1)

sdiff(1)

sed(1)

sed(1B)

select(1)

set(1)

set(1F)

setcolor(1F)

setenv(1)

setfacl(1)

setlabel(1)

setpgrp(1)

settime(1)

sftp(1)

sh(1)

shell(1F)

shell_builtins(1)

shift(1)

shutdown(1B)

size(1)

sleep(1)

snca(1)

snmpstatus(1)

soelim(1)

sort(1)

sortbib(1)

sotruss(1)

source(1)

sparc(1)

spell(1)

spellin(1)

spline(1)

split(1)

srchtxt(1)

ssh(1)

ssh-add(1)

ssh-agent(1)

ssh-http-proxy-connect(1)

ssh-keygen(1)

ssh-keyscan(1)

ssh-socks5-proxy-connect(1)

stop(1)

strchg(1)

strconf(1)

strings(1)

strip(1)

stty(1)

stty(1B)

sum(1)

sum(1B)

sun(1)

suspend(1)

svcprop(1)

svcs(1)

switch(1)

symorder(1)

sysV-make(1)

t300(1)

t300(1B)

t300s(1)

t300s(1B)

t4013(1B)

t4014(1)

t450(1)

t450(1B)

tabs(1)

tail(1)

talk(1)

tar(1)

tbl(1)

tcopy(1)

tee(1)

tek(1)

tek(1B)

telnet(1)

test(1)

test(1B)

test(1F)

tftp(1)

time(1)

timemanp(1)

times(1)

timesysp(1)

timex(1)

tip(1)

tnfdump(1)

tnfxtract(1)

touch(1)

touch(1B)

tplot(1)

tput(1)

tr(1)

tr(1B)

trap(1)

troff(1)

true(1)

truss(1)

tset(1B)

tsort(1)

tty(1)

type(1)

typeset(1)

u370(1)

u3b(1)

u3b15(1)

u3b2(1)

u3b5(1)

ucblinks(1B)

ul(1)

ulimit(1)

umask(1)

unalias(1)

uname(1)

uncompress(1)

unexpand(1)

unget(1)

unhash(1)

unifdef(1)

uniq(1)

units(1)

unix2dos(1)

unlimit(1)

unpack(1)

unset(1)

unset(1F)

unsetenv(1)

until(1)

uptime(1)

users(1B)

uucp(1C)

uudecode(1C)

uuencode(1C)

uuglist(1C)

uulog(1C)

uuname(1C)

uupick(1C)

uustat(1C)

uuto(1C)

uux(1C)

vacation(1)

val(1)

valdate(1)

valgid(1)

valint(1)

valpath(1)

valrange(1)

valstr(1)

valtime(1)

valuid(1)

valyorn(1)

vax(1)

vc(1)

vedit(1)

ver(1)

vgrind(1)

vi(1)

view(1)

vipw(1B)

volcancel(1)

volcheck(1)

volmissing(1)

volrmmount(1)

vplot(1B)

vsig(1F)

w(1)

wait(1)

wc(1)

what(1)

whatis(1)

whence(1)

whereis(1B)

which(1)

while(1)

who(1)

whoami(1B)

whocalls(1)

whois(1)

write(1)

xargs(1)

xgettext(1)

xstr(1)

yacc(1)

yes(1)

ypcat(1)

ypmatch(1)

yppasswd(1)

ypwhich(1)

zcat(1)

zlogin(1)

zonename(1)

profiles

- print execution profiles for a user

Synopsis

profiles [-l] [ user ]...

Description

The profiles command prints on standard output the names of the execution profiles that have been assigned to you or to the optionally-specified user or role name. Profiles are a bundling mechanism used to enumerate the commands and authorizations needed to perform a specific function. Along with each listed executable are the process attributes, such as the effective user and group IDs, with which the process runs when started by a privileged command interpreter. The profile shells are pfcsh, pfksh, and pfexec. See the pfexec(1) man page. Profiles can contain other profiles defined in prof_attr(4).

Multiple profiles can be combined to construct the appropriate access control. When profiles are assigned, the authorizations are added to the existing set. If the same command appears in multiple profiles, the first occurrence, as determined by the ordering of the profiles, is used for process-attribute settings. For convenience, a wild card can be specified to match all commands.

When profiles are interpreted, the profile list is loaded from user_attr(4). If any default profile is defined in /etc/security/policy.conf (see policy.conf(4)), the list of default profiles are added to the list loaded from user_attr(4). Matching entries in prof_attr(4) provide the authorizations list, and matching entries in exec_attr(4) provide the commands list.

Options

The following options are supported:

-l

Lists the commands in each profile followed by the special process attributes such as user and group IDs.

Examples

Example 1 Sample Output

The output of the profiles command has the following form:

example% profiles tester01 tester02tester01 : Audit Management, All Commands
tester02 : Device Management, All Commands
example%

Example 2 Using the list Option

example% profiles -l tester01 tester02tester01 :
    Audit Management:
      /usr/sbin/audit          euid=root
      /usr/sbin/auditconfig    euid=root    egid=sys
    All Commands:
      *
tester02 :
    Device Management:
      /usr/bin/allocate:       euid=root
      /usr/bin/deallocate:     euid=root
    All Commands
      *
example%

Exit Status

The following exit values are returned:

0

Successful completion.

1

An error occurred.

Files

/etc/security/exec_attr

/etc/security/prof_attr

/etc/user_attr

/etc/security/policy.conf

Attributes

See attributes(5) for descriptions of the following attributes:

ATTRIBUTE TYPE
ATTRIBUTE VALUE
Availability
SUNWcsu

See Also

auths(1), pfexec(1), roles(1), getprofattr(3SECDB), exec_attr(4), policy.conf(4), prof_attr(4), user_attr(4), attributes(5)

Copyright © 2011, Oracle and/or its affiliates. All rights reserved. Legal Notices
Previous Next