Databases -- Users, Profiles, and Authorizations
The user, rights profile, and authorization databases are now available in the Solaris 8 environment. Therefore, a Trusted Solaris 8 server can manage the rights and authorizations for Solaris 8 clients as well as Trusted Solaris 8 clients. The Solaris environment changed the name execution profile to rights, or rights profile.
Rights profiles are administered through the Solaris Management Console. The Trusted Solaris 7 Profile Manager is now the Rights tool, under Users (the User Manager). The Rights tool does not recognize symbolically linked commands.
Rights profiles are now hierarchical. Profiles can subsume other profiles, though this is not required. Hierarchical profiles eliminate the need to enumerate all profiles assigned to a user or role.
The names and contents of profiles have changed. Most profiles have been reconfigured; some profiles have been eliminated.
Trusted Solaris extends the Solaris versions of the user, profile, and authorization databases to include CDE actions and Trusted Solaris security attributes, such as labels and new authorizations. The following table shows the new database names.
Table 1-7 Database Changes from the Trusted Solaris 7 to the Trusted Solaris 8 Release|
Trusted Solaris 7 Database |
Trusted Solaris 8 Man Page |
|---|---|
|
/etc/security/tsol/tsolprof | |
|
/etc/security/tsol/tsoluser | |
|
/usr/lib/tsol/locale/C/auth_name | |
|
auth_desc man page |
SMC help for the Authorizations tab |
- © 2010, Oracle Corporation and/or its affiliates