Oracle Solaris Cluster Management Rights Profiles

Language:

Oracle Solaris Cluster provides rights profiles that collect just the rights that are required for a particular Oracle Solaris Cluster administrative task. You can assign these rights profiles to users or to roles, to give them specific Oracle Solaris Cluster administrator rights.

Rights Profile	Authorizations and Security Attributes	Rights Granted
Oracle Solaris Cluster Commands	A list of Oracle Solaris Cluster commands that run with the `euid=0` security attribute.	Execute selected Oracle Solaris Cluster commands that you use to configure and manage a cluster, including the following subcommands for all of the Oracle Solaris Cluster commands: `list` `show` `status` `scha_control` `scha_resource_get` `scha_resource_setstatus` `scha_resourcegroup_get` `scha_resourcetype_get`
Basic Oracle Solaris User	This existing Oracle Solaris rights profile contains Oracle Solaris authorizations, as well as the following authorization:	`solaris.cluster.read` – Perform list, show, and other read operations for Oracle Solaris Cluster commands, as well as access the Oracle Solaris Cluster Manager browser interface.
Cluster Operation	This rights profile is specific to Oracle Solaris Cluster software and contains the following authorizations:	`solaris.cluster.read` – Perform list, show, export, status, and other read operations., as well as access the Oracle Solaris Cluster Manager browser interface. `solaris.cluster.admin` – Change the state of cluster objects.
System Administrator	This existing Oracle Solaris rights profile contains the same authorizations that the Cluster Management profile contains.	Perform the same operations that the Cluster Management role identity can perform, in addition to other system administration operations. Note - To enable private network communication when you use Oracle Solaris Cluster Manager to create a zone cluster, you must run the wizard as a role that also includes the Network Management rights profile.
Cluster Management	This rights profile contains the same authorizations that the Cluster Operation profile contains, as well as the `solaris.cluster.modify` authorization.	Perform the same operations that the Cluster Operation role identity can perform, as well as change properties of a cluster object.