JavaScript is required to for searching.
Skip Navigation Links
Exit Print View
Oracle Solaris Cluster System Administration Guide     Oracle Solaris Cluster 4.1
Oracle Technology Network
Library
PDF
Print View
Feedback
search filter icon
search icon

Document Information

Preface

1.  Introduction to Administering Oracle Solaris Cluster

2.  Oracle Solaris Cluster and RBAC

Setting Up and Using RBAC With Oracle Solaris Cluster

Oracle Solaris Cluster RBAC Rights Profiles

Creating and Assigning an RBAC Role With an Oracle Solaris Cluster Management Rights Profile

How to Create a Role From the Command Line

Modifying a User's RBAC Properties

How to Modify a User's RBAC Properties From the Command Line

3.  Shutting Down and Booting a Cluster

4.  Data Replication Approaches

5.  Administering Global Devices, Disk-Path Monitoring, and Cluster File Systems

6.  Administering Quorum

7.  Administering Cluster Interconnects and Public Networks

8.  Adding and Removing a Node

9.  Administering the Cluster

10.  Configuring Control of CPU Usage

11.  Updating Your Software

12.  Backing Up and Restoring a Cluster

A.  Example

Index

Oracle Solaris Cluster RBAC Rights Profiles

Selected Oracle Solaris Cluster commands and options that you issue at the command line use RBAC for authorization. Oracle Solaris Cluster commands and options that require RBAC authorization will require one or more of the following authorization levels. Oracle Solaris Cluster RBAC rights profiles apply to nodes in a global cluster.

solaris.cluster.read

Authorization for list, show, and other read operations.

solaris.cluster.admin

Authorization to change the state of a cluster object.

solaris.cluster.modify

Authorization to change properties of a cluster object.

For more information about the RBAC authorization required by an Oracle Solaris Cluster command, see the command man page.

RBAC rights profiles include one or more RBAC authorizations. You can assign these rights profiles to users or to roles to give them different levels of access to Oracle Solaris Cluster. Oracle provides the following rights profiles with Oracle Solaris Cluster software.

Note - The RBAC rights profiles listed in the following table continue to support the old RBAC authorizations as defined in previous Oracle Solaris Cluster releases.

Rights Profile
Includes Authorizations
Role Identity Permission
Oracle Solaris Cluster Commands
None, but includes a list of Oracle Solaris Cluster commands that run with euid=0
Execute selected Oracle Solaris Cluster commands that you use to configure and manage a cluster, including the following subcommands for all of the Oracle Solaris Cluster commands:

  • list

  • show

  • status

scha_control

scha_resource_get

scha_resource_setstatus

scha_resourcegroup_get

scha_resourcetype_get
Basic Oracle Solaris User
This existing Oracle Solaris rights profile contains Oracle Solaris authorizations, as well as the following:
solaris.cluster.read
Perform list, show, and other read operations for Oracle Solaris Cluster commands.
Cluster Operation
This rights profile is specific to Oracle Solaris Cluster software and contains the following authorizations:
solaris.cluster.read
Perform list, show, export, status, and other read operations.
 
solaris.cluster.admin
Change the state of cluster objects.
System Administrator
This existing Oracle Solaris rights profile contains the same authorizations that the Cluster Management profile contains.
Perform the same operations that the Cluster Management role identity can perform, in addition to other system administration operations.
Cluster Management
This rights profile contains the same authorizations that the Cluster Operation profile contains, as well as the following authorization:
Perform the same operations that the Cluster Operation role identity can perform, as well as change properties of a cluster object.
 
solaris.cluster.modify
Copyright © 2000, 2012, Oracle and/or its affiliates. All rights reserved. Legal Notices
Previous Next