NAME | SYNOPSIS | DESCRIPTION | ATTRIBUTES | EXAMPLES | FILES | SEE ALSO
/etc/security/tsol/tsoluser
The tsoluser database specifies additional security attributes associated with users and roles.
Each entry in the file consists of a single line, with fields separated by a colon (:). Line continuations and comments are not allowed. Each entry has the form (for readability, the line is shown in this man page as two lines):
```
user:lock:gen:profiles:roles:idletime:idlecmd:labelview:\
labeltrans:labelmin:clearance:usertype:res1:res2:res3
```
user is the name of the user as specified in the passwd database.
lock contains one of the keywords locked or open. locked specifies that the user is not allowed to log in to the system. open specifies that the user is allowed to log in. Programs such as login(1) and dtlogin(1X) may choose to change the keyword open to locked, for example, when a user enters an invalid password too frequently.
gen contains one of the strings automatic or manual. automatic specifies that a user must choose a machine-generated password when changing a password. manual specifies that a user may devise a password of his or her choice.
profiles contains an ordered, comma-separated list of profile names chosen from tsolprof(4); or the keyword none, indicating that dtwm(1) will not permit the user to use any actions and pfsh(1M) will not permit the user to execute commands.
roles contains a comma-separated list of role names from the set of user accounts in this database whose usertype field indicates the account is a role; or the keyword none, indicating that the user is not permitted to assume any role.
idletime contains a number representing the number of minutes a workstation may remain idle before the window manager attempts the task specified in idlecmd. A zero in this field specifies that the idlecmd command is never executed.
idlecmd contains one of two keywords which dtwm(1) interprets when a workstation has been idle for too long. The keyword lock specifies that the workstation is to be locked (and thus requires the user to provide a password to resume the session). The keyword logout specifies that the session is to be terminated (thus killing the user's processes launched in the current session).
labelview contains three comma-separated keywords. The first word can be either internal, specifying that the user may see the ADMIN_LOW and ADMIN_HIGH labels displayed by various commands and applications; or external, specifying that the user may not see the labels; or sysdef, indicating that the label visibility should be determined by the system default, as recorded in the label_encodings file. The second word may be either showil, indicating that information labels are displayed; or hideil, indicating that the labels are not displayed. The third word may be showsl, indicating that sensitivity labels are displayed; or hidesl, indicating that the labels are not displayed.
labeltrans contains a hexadecimal number representing the process attribute flags that control label translation.
labelmin contains the minimum sensitivity label at which the user may log in. This label is given as a hexadecimal string. See atohexlabel(1M).
clearance contains the maximum sensitivity label at which the user may operate. This label is given as a hexadecimal string. See atohexlabel(1M).
usertype contains one of these strings: utnorm, indicating that this account is for a normal user, one who logs in; utrole, indicating that this account is for a role, which can be assumed by a normal user who is allowed the role after the user has logged in; or utadm, indicating that this account is an administrative role with administrative capabilities.
res1, res2, and res3 are reserved for future use.
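The field rules above can be checked mechanically. The following parser and consistency checker is an added example, not part of this man page or of Trusted Solaris; it assumes the field order given above, treats none in profiles and roles as an empty list, and uses a constructed sample database (shortened root and install entries plus a deliberately malformed entry for a hypothetical user bob) rather than a real tsoluser file.

```python
import re

# Field order exactly as given in tsoluser(4); "none" in profiles/roles means an empty list.
FIELDS = ("user", "lock", "gen", "profiles", "roles", "idletime", "idlecmd",
          "labelview", "labeltrans", "labelmin", "clearance", "usertype",
          "res1", "res2", "res3")
KEYWORDS = {"lock": {"locked", "open"}, "gen": {"automatic", "manual"},
            "idlecmd": {"lock", "logout"}, "usertype": {"utnorm", "utrole", "utadm"}}
LABELVIEW = ({"internal", "external", "sysdef"}, {"showil", "hideil"}, {"showsl", "hidesl"})
HEX_RE = re.compile(r"^0x[0-9a-fA-F]+$")

# Constructed sample: shortened root/install entries and a malformed entry for "bob".
SAMPLE = [
    "root:open:automatic:All:none:5:lock:internal,hideil,hidesl:0x0000:0x00:0x7f:utadm:res1:res2:res3",
    "install:open:manual:none:root:5:lock:internal,showil,showsl:0x0000:0x00:0x00:utnorm:res1:res2:res3",
    "bob:open:manual:Basic Commands:install:abc:logoff:internal,showil:0x0000:0x00:0x7f:utnorm:res1:res2:res3",
]


def parse_entry(line):
    """Split one single-line entry into a dict keyed by field name."""
    parts = line.rstrip("\n").split(":")
    if len(parts) != len(FIELDS):
        raise ValueError("expected %d fields, got %d" % (len(FIELDS), len(parts)))
    e = dict(zip(FIELDS, parts))
    for key in ("profiles", "roles"):
        e[key] = [] if e[key] == "none" else e[key].split(",")
    e["labelview"] = e["labelview"].split(",")
    return e


def check_entry(e):
    """Return field-level problems: bad keywords, non-numeric idletime, non-hex labels."""
    bad = [k for k, ok in KEYWORDS.items() if e[k] not in ok]
    if not e["idletime"].isdigit():
        bad.append("idletime")
    if len(e["labelview"]) != 3 or any(w not in ok for w, ok in zip(e["labelview"], LABELVIEW)):
        bad.append("labelview")
    bad += [k for k in ("labeltrans", "labelmin", "clearance") if not HEX_RE.match(e[k])]
    return bad


def check_database(lines):
    """Map each user to its problems; also flag roles that name a non-role account."""
    entries = {e["user"]: e for e in map(parse_entry, lines)}
    report = {name: check_entry(e) for name, e in entries.items()}
    for name, e in entries.items():
        for role in e["roles"]:  # a role must be an account whose usertype is utrole or utadm
            if entries.get(role, {}).get("usertype") not in ("utrole", "utadm"):
                report[name].append("roles:" + role)
    return report
```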
See attributes(5) for descriptions of the following attributes:
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
|---|---|
| Availability | SUNWtsr |
For the sake of clarity on this man page, examples are shown using a continuation character (\). In the database file, however, the backslash is not permitted because each entry is made on a single line.
```
root:open:automatic:Object Label Management,User Security,\
NIS+ Security Administration,Privileged Shells,All Authorizations,All:\
none:5:lock:internal,hideil,hidesl:0x0000:\
0x00000000000000000000000000000000000000000000000000000000000000000000:\
0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff:\
utadm:res1:res2:res3

admin:open:automatic:Audit Review,Enable Login,Outside Accred,\
Maintenance and Repair,NIS+ Administration,System Management,\
User Management,Media Restore,Basic Commands,Basic Actions:none:5:lock:\
internal,showil,showsl:0x0000:\
0x00000000000000000000000000000000000000000000000000000000000000000000:\
0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff:\
utadm:res1:res2:res3

secadmin:open:automatic:Audit Control,Object Label Management,\
Object Access Management,Object Privilege Management,Outside Accred,\
System Security,NIS+ Security Administration,User Security,\
Basic Commands,Basic Actions:none:5:lock:internal,showil,showsl:0x0000:\
0x00000000000000000000000000000000000000000000000000000000000000000000:\
0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff:\
utadm:res1:res2:res3

oper:open:automatic:Outside Accred,Media Backup,Basic Commands,\
Basic Actions:none:5:lock:internal,showil,showsl:0x0000:\
0x00000000000000000000000000000000000000000000000000000000000000000000:\
0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff:\
utrole:res1:res2:res3

install:open:manual:Enable Login,Outside Accred:root:5:lock:\
internal,showil,showsl:0x0000:\
0x00000000000000000000000000000000000000000000000000000000000000000000:\
0x00000000000000000000000000000000000000000000000000000000000000000000:\
utnorm:res1:res2:res3
```
The first four entries (root, admin, secadmin, and oper) are the default Trusted Solaris roles. The first entry, root, has a handful of profiles which allow it to install software and bootstrap the system. Note that the root entry also has the profile named "All," which gives the role wide berth as far as which commands it can execute while installing software.
Each of the next three has a much more restrictive set of profiles. These profiles are designed to allow the user to perform only the tasks for which that role is responsible.
The fifth entry is for the user named install, who has the "Nothing" profile and thus cannot execute any commands or actions. The user can, however, assume the root role, which provides sufficient capability to configure the system immediately after it has been installed.
dtwm(1), attributes(5)