|Skip Navigation Links|
|Exit Print View|
|Oracle Solaris 11.1 Administration: Security Services Oracle Solaris 11.1 Information Library|
A user or role can be assigned security attributes directly or through a rights profile. The order of search affects which security attribute value is used. The value of the first found instance of the attribute is used.
Note - The order of authorizations is not important. Authorizations are cumulative.
security attributes that are assigned to the user with the useradd and usermod commands. For a list, see user_attr Database.
rights profiles that are assigned to the user with the useradd and usermod commands. These assignments are searched in order.
The order is first profile in the list, then its list of rights profiles, second profile in the list, then its list of profiles, and so on. The first instance of a value is the one that the system uses, except for auths values, which are cumulative. The attributes in rights profiles include all the security attributes for users, plus supplementary profiles. For a list, see user_attr Database.
Console User rights profile value. For a description, see Rights Profiles.
If the Stop rights profile is assigned, the evaluation of security attributes stops. No attributes are assigned after the Stop profile is assigned. The Stop profile is evaluated after the Console User rights profile and before the other security attributes in the policy.conf file, including AUTHS_GRANTED. For a description, see Rights Profiles.
Basic Solaris User rights profile value in the policy.conf file.
AUTHS_GRANTED value in the policy.conf file.
PROFS_GRANTED value in the policy.conf file.
PRIV_DEFAULT value in the policy.conf file.
PRIV_LIMIT value in the policy.conf file.