Oracle Solaris Cluster Management Rights Profiles
Oracle Solaris Cluster provides rights profiles that collect just the rights that
are required for a particular Oracle Solaris Cluster administrative task. You can assign
these rights profiles to users or to roles, to give them specific Oracle Solaris Cluster
administrator rights.
|
|
|
Oracle Solaris Cluster Commands
|
A list of Oracle Solaris Cluster commands that run with the
euid=0 security attribute.
|
Execute selected Oracle Solaris Cluster commands that you use to configure and
manage a cluster, including the following subcommands for all of the
Oracle Solaris Cluster commands:
scha_control
scha_resource_get
scha_resource_setstatus
scha_resourcegroup_get
scha_resourcetype_get
|
Basic Oracle Solaris User
|
This existing Oracle Solaris rights profile contains Oracle Solaris
authorizations, as well as the following authorization:
|
solaris.cluster.read – Perform list, show, and
other read operations for Oracle Solaris Cluster commands, as well as access the Oracle Solaris Cluster Manager
browser interface.
|
Cluster Operation
|
This rights profile is specific to Oracle Solaris Cluster software and contains the
following authorizations:
|
solaris.cluster.read – Perform list, show,
export, status, and other read operations., as well as access the Oracle Solaris Cluster Manager browser
interface.
solaris.cluster.admin – Change the state of
cluster objects.
|
System Administrator
|
This existing Oracle Solaris rights profile contains the same
authorizations that the Cluster Management profile contains.
|
Perform the same operations that the Cluster Management role identity can
perform, in addition to other system administration operations.
Note -
To enable private
network communication when you use Oracle Solaris Cluster Manager to create a zone cluster, you must run
the wizard as a role that also includes the Network Management rights
profile.
|
Cluster Management
|
This rights profile contains the same authorizations that the Cluster
Operation profile contains, as well as the
solaris.cluster.modify authorization.
|
Perform the same operations that the Cluster Operation role identity can
perform, as well as change properties of a cluster object.
|
|