The following task map shows where to obtain information for performing specific RBAC tasks.
Task |
Description |
For Instructions |
---|---|---|
Use privileged applications |
To run applications that can affect security or system operations requires becoming superuser or assuming a role. | |
Create roles |
To add new roles, that is, special identities for running privileged applications. | |
Change role properties |
To change the properties of a role, that is, the assigned users, rights profiles, and authorizations that are assigned to a role. | |
Create or change rights profiles |
To add or change a rights profile, including the assignment of authorizations, commands with security attributes, and supplementary rights profiles. |
How to Create or Change a Rights Profile by Using the Rights Tool |
Change a user's RBAC properties |
To change the roles, rights profiles, or authorizations that are assigned to a user. |
How to Modify a User's RBAC Properties by Using the User Accounts Tool How to Modify a User's RBAC Properties From the Command Line |
Secure legacy applications |
To turn on the set ID permissions for legacy applications. Scripts can contain commands with set IDs. Legacy applications can check for authorizations, if appropriate. |
How to Add Security Attributes to a Legacy Application |
These procedures manage the elements that are used in role-based access control (RBAC). For user management procedures, refer to “Managing User Accounts and Groups (Tasks)” in System Administration Guide: Basic Administration.