Commands That Manage Authorizations, Rights Profiles, and Roles
The commands listed in the following table retrieve and set rights on user processes.
Table 8-1 Rights Administration Commands
|
|
|
Displays authorizations for a user. Creates new authorizations.
|
|
Lists the contents of the rights databases.
|
|
Name service cache daemon, useful for caching the rights databases. Use the
svcadm command to restart the daemon.
|
|
Role account management module for PAM. Checks for the authorization to assume a
role.
|
|
UNIX account management module for PAM. Checks for account restrictions, such as time
restrictions and inactivity.
|
|
Used to create a profile shell process that can evaluate rights.
|
|
Used to edit administrative files.
|
|
Used to execute a command with security attributes.
|
|
Configuration file for system security policy. Lists granted authorizations, granted
privileges, and other security information.
|
|
Displays rights profiles for a specified user. Creates or modifies a rights
profile.
|
|
Displays roles that a specified user can assume.
|
|
Adds a role to a local system or to an LDAP network.
|
|
Adds a role to a local system or to an LDAP network.
|
|
Modifies a role's properties on a local system or on an LDAP network.
|
|
Displays the value of a specific right that is assigned to a user or role
account.
|
|
Adds a user account to the system or to an LDAP network. The –R option
assigns a role to a user's account.
|
|
Deletes a user's login from the system or from an LDAP network.
|
|
Modifies a user's account properties on the system.
|
|