NAME | SYNOPSIS | DESCRIPTION | EXAMPLES | EXIT STATUS | FILES | ATTRIBUTES | SUMMARY OF TRUSTED SOLARIS CHANGES | SEE ALSO
The auths command prints on standard output the authorizations that you or the optionally-specified user or role have been granted. Authorizations are rights that are checked by certain privileged programs to determine whether a user may execute restricted functionality.
Each user may have zero or more authorizations. Authorizations are represented by fully-qualified names, which identify the organization that created the authorization and the functionality that it controls. Following the Java convention, the hierarchical components of an authorization are separated by dots (.), starting with the reverse order Internet domain name of the creating organization, and ending with the specific function within a class of authorizations, for example, "com.acme.files.write". The exceptions to this convention are authorizations from Sun Microsystems, Inc. These use the prefix "solaris.", as in the example, "solaris.files.write".
A trailing asterisk (*) to the right of a dot indicates all matching authorizations and can be used when assigning all authorizations within a class.
A user's authorizations are looked up in user_attr(4) and in the /etc/security/policy.conf file (see policy.conf(4)). Authorizations may be specified directly in user_attr(4) or indirectly through prof_attr(4). Authorizations may also be assigned to every user in the system directly as default authorizations or indirectly through default profiles in the /etc/security/policy.conf file.
The auths output has the following form:
example% auths tester01 tester02 tester01 : solaris.system.date, solaris.jobs.admin tester02 : solaris.system.* example% |
Local source of extended attributes associated with users and roles.
Local source for authorization names and descriptions.
Provides the security policy configuration for user-level attributes.
Local source for rights profile names, descriptions, and other attributes of profiles.
See attributes(5) for descriptions of the following attributes:
ATTRIBUTE TYPE | ATTRIBUTE VALUE |
---|---|
Availability | SUNWcsu |
Classes of authorizations can be assigned to accounts using a wildcard (asterisk) to the right of a dot in an authorization.
profiles(1), roles(1), policy.conf(4), prof_attr(4), user_attr(4)
NAME | SYNOPSIS | DESCRIPTION | EXAMPLES | EXIT STATUS | FILES | ATTRIBUTES | SUMMARY OF TRUSTED SOLARIS CHANGES | SEE ALSO