Skip Navigation Links | |
Exit Print View | |
System Administration Guide: Basic Administration Oracle Solaris 10 8/11 Information Library |
1. Oracle Solaris Management Tools (Road Map)
2. Working With the Solaris Management Console (Tasks)
Solaris Management Console (Overview)
What Is the Solaris Management Console?
Solaris Management Console Tools
Why Use the Solaris Management Console?
Organization of the Solaris Management Console
Changing the Solaris Management Console Window
Solaris Management Console Documentation
How Much Role-Based Access Control?
Using the Solaris Management Tools With RBAC (Task Map)
If You Are the First to Log In to the Console
Creating the Primary Administrator Role
How to Create the First Role (Primary Administrator)
How to Assume the Primary Administrator Role
Starting the Solaris Management Console
How to Start the Console as Superuser or as a Role
Using the Oracle Solaris Management Tools in a Name Service Environment (Task Map)
Prerequisites for Using the Solaris Management Console in a Name Service Environment
How to Create a Toolbox for a Specific Environment
How to Add a Tool to a Toolbox
How to Start the Solaris Management Console in a Name Service Environment
Adding Tools to the Solaris Management Console
How to Add a Legacy Tool to a Toolbox
How to Install an Unbundled Tool
Troubleshooting the Solaris Management Console
How to Troubleshoot the Solaris Management Console
3. Working With the Oracle Java Web Console (Tasks)
4. Managing User Accounts and Groups (Overview)
5. Managing User Accounts and Groups (Tasks)
6. Managing Client-Server Support (Overview)
7. Managing Diskless Clients (Tasks)
8. Introduction to Shutting Down and Booting a System
9. Shutting Down and Booting a System (Overview)
10. Shutting Down a System (Tasks)
11. Modifying Oracle Solaris Boot Behavior (Tasks)
12. Booting an Oracle Solaris System (Tasks)
13. Managing the Oracle Solaris Boot Archives (Tasks)
14. Troubleshooting Booting an Oracle Solaris System (Tasks)
15. x86: GRUB Based Booting (Reference)
16. x86: Booting a System That Does Not Implement GRUB (Tasks)
17. Working With the Oracle Solaris Auto Registration regadm Command (Tasks)
18. Managing Services (Overview)
20. Managing Software (Overview)
21. Managing Software With Oracle Solaris System Administration Tools (Tasks)
22. Managing Software by Using Oracle Solaris Package Commands (Tasks)
Most administration tasks, such as adding users or managing file systems require that you first log in as root (UID=0) or assume a role, if you are using RBAC. The root account, also known as the superuser account, is used to make system changes and can override user file protection in emergency situations.
The superuser account and roles should be used only to perform administrative tasks to prevent indiscriminate changes to the system. The security problem that is associated with the superuser account is that this user has complete access to the system, even when performing minor tasks.
In a non-RBAC environment, you can either log in to the system as superuser or use the su command to change to the superuser account. If RBAC is implemented, you can assume roles through the console or use su and specify a role.
When you use the console to perform administration tasks, you can do one of the following:
Log in to the console as yourself and then supply the root user name and password
Log in to the console as yourself and then assume a role
A major benefit of RBAC is that roles can be created to give limited access to specific functions only. If you are using RBAC, you can run restricted applications by assuming a role rather than by becoming superuser.
For step-by-step instructions on creating the Primary Administrator role, see How to Create the First Role (Primary Administrator). For an overview of RBAC, see Chapter 9, Using Role-Based Access Control (Tasks), in System Administration Guide: Security Services.
Become superuser or assume a role by using one of the following methods. Each method requires that you know either the superuser password or the role password.
This method enables to you perform any management task from the console.
For information on starting the Solaris Management Console, see How to Start the Solaris Management Console in a Name Service Environment.
hostname console: root Password: root-password #
The pound sign (#) is the shell prompt for the superuser account.
This method provides complete access to all of the system commands and tools.
% su Password: root-password #
This method provides complete access to all of the system commands and tools.
This method is not enabled by default. You must modify the /etc/default/login file to remotely log in as superuser on the system console. For information on modifying this file, see Chapter 3, Controlling Access to Systems (Tasks), in System Administration Guide: Security Services.
This method provides complete access to all system commands and tools.
Select one of the following methods:
% su role Password: role-password $
This method provides access to all of the commands and tools that the role has access to.
For information on starting the Solaris Management Console, see How to Start the Console as Superuser or as a Role.
This method provides access to all of the Solaris management tools that the role has access to.