NAME | SYNOPSIS | DESCRIPTION | EXAMPLES | EXIT STATUS | FILES | ATTRIBUTES | SUMMARY OF TRUSTED SOLARIS CHANGES | SEE ALSO
The command roles prints on standard output the roles on your local system that you or the optionally-specified user have been granted. Roles are special accounts that correspond to a functional responsibility rather than to an actual person (referred to as a normal user).
Each user may have zero or more roles. Roles have most of the attributes of normal users and are identified like normal users in passwd(4) and shadow(4). Each role must have an entry in the user_attr(4) file that identifies it as a role. Roles can have their own authorizations and profiles. See auths(1) and profiles(1).
Roles are not allowed to log into a system as a primary user. Instead, a user must log in as him or herself and assume the role. The actions of a role are attributable to the normal user. When auditing is enabled, the audited events of the role contain the audit ID of the original user who assumed the role.
Roles must have valid passwords and one of the shells that interprets profiles: either pfcsh, pfksh, or pfsh. See pfexec(1).
Roles are assumed through the Trusted Path menu. Successful assumption requires knowledge of the role's password and membership in the role. Role assignments are specified in user_attr(4).
The output of the roles command has the following form:
example% roles tester01 tester02tester01 : admin tester02 : secadmin, root example% |
Local source of extended attributes associated with users and roles.
Local source for authorization names and descriptions.
Local source for rights profile names, descriptions, and other attributes of profiles.
See attributes(5) for descriptions of the following attributes:
ATTRIBUTE TYPE | ATTRIBUTE VALUE |
---|---|
Availability | SUNWcsu |
Roles are assumed through the Trusted Path menu rather than the su command. To affect all name services, not just files, use the smrole(1M) command instead of the roles command.
auths(1), profiles(1), smrole(1M), su(1M), getauusernam(3BSM), auth_attr(4), user_attr(4)
NAME | SYNOPSIS | DESCRIPTION | EXAMPLES | EXIT STATUS | FILES | ATTRIBUTES | SUMMARY OF TRUSTED SOLARIS CHANGES | SEE ALSO