In addition to editing the databases directly, the following tools are available for managing with role-based access control.
Command |
Description |
---|---|
Display authorizations for a user. |
|
Make a dbm file. |
|
Name service cache daemon, useful for caching the user_attr, prof_attr, and exec_attr databases. |
|
Role account management module for PAM. Checks for the authorization to assume role. |
|
Profile shells, used by profile shells to execute commands with attributes specified in the exec_attr database. |
|
Configuration file for security policy. Lists granted authorizations. |
|
Display profiles for a specified user. |
|
Display roles granted to a user. |
|
Add a role account on the system. |
|
Delete a role's account from the system. |
|
Modify a role's account information on the system. |
|
Add a user account on the system. The -P option assigns a role to a user's account. |
|
Delete a user's login from the system. |
|
Modify a user's account information on the system. |