The following table provides examples of how authorizations are used to limit command options in the Solaris environment. See also Authorizations.
Table 7–8 Commands and Associated Authorizations
Commands |
Authorization Requirements |
---|---|
solaris.jobs.user required for all options (when neither at.allow nor at.deny files exist) |
|
solaris.jobs.user required for the option to submit a job (when neither crontab.allow nor crontab.deny files exist) solaris.jobs.admin required for the options to list or modify other users' crontab files |
|
allocate(1) (with BSM enabled only) |
solaris.device.allocate (or other authorization as specified in device_allocate(4)) required to allocate a device. solaris.device.revoke (or other authorization as specified in device_allocate file) required to allocate a device to another user (-F option) |
deallocate(1) (with BSM enabled only) |
solaris.device.allocate (or other authorization as specified in device_allocate(4)) required to deallocate another user's device. solaris.device.revoke (or other authorization as specified in device_allocate) required to force deallocation of the specified device (-F option) or all devices (-I option) |
list_devices(1) (with BSM enabled only) |
solaris.device.revoke required to list another user's devices (-U option) |