Tools for Managing Role-Based Access Control (System Administration Guide, Volume 2)

System Administration Guide, Volume 2

Tools for Managing Role-Based Access Control

In addition to editing the databases directly, the following tools are available for managing with role-based access control.

Command	Description
auths(1)	Display authorizations for a user.
makedbm(1M)	Make a `dbm` file.
nscd(1M)	Name service cache daemon, useful for caching the `user_attr`, `prof_attr`, and `exec_attr` databases.
pam_roles(5)	Role account management module for PAM. Checks for the authorization to assume role.
pfexec(1)	Profile shells, used by profile shells to execute commands with attributes specified in the `exec_attr` database.
policy.conf(4)	Configuration file for security policy. Lists granted authorizations.
profiles(1)	Display profiles for a specified user.
roles(1)	Display roles granted to a user.
roleadd(1M)	Add a role account on the system.
roledel(1M)	Delete a role's account from the system.
rolemod(1M)	Modify a role's account information on the system.
useradd(1M)	Add a user account on the system. The `-P` option assigns a role to a user's account.
userdel(1M)	Delete a user's login from the system.
usermod(1M)	Modify a user's account information on the system.