JavaScript is required to for searching.
Skip Navigation Links
Exit Print View
man pages section 4: File Formats     Oracle Solaris 11.1 Information Library
Oracle Technology Network
Library
PDF
Print View
Feedback
search filter icon
search icon

Document Information

Preface

Introduction

File Formats

addresses(4)

admin(4)

ai_manifest(4)

alias(4)

aliases(4)

a.out(4)

au(4)

audit_class(4)

audit_event(4)

audit.log(4)

auth_attr(4)

autofs(4)

bart_manifest(4)

bart_rules(4)

bootparams(4)

cardbus(4)

compver(4)

contents(4)

contract(4)

copyright(4)

core(4)

crypt.conf(4)

crypto_certs(4)

dacf.conf(4)

dat.conf(4)

dc_manifest(4)

defaultdomain(4)

default_fs(4)

defaultrouter(4)

depend(4)

device_allocate(4)

device_contract(4)

device_maps(4)

devices(4)

devid_cache(4)

devname_cache(4)

dfstab(4)

dhcp_inittab(4)

dhcp_network(4)

dhcpsvc.conf(4)

dhcptab(4)

dialups(4)

dir(4)

dir_ufs(4)

d_passwd(4)

driver(4)

driver.conf(4)

ds.log(4)

dumpdates(4)

ethers(4)

exec_attr(4)

fbtab(4)

fd(4)

fdi(4)

flash_archive(4)

format.dat(4)

forward(4)

fs(4)

fspec(4)

fstypes(4)

ftp(4)

ftpusers(4)

fx_dptbl(4)

gateways(4)

geniconvtbl(4)

group(4)

gsscred.conf(4)

hba.conf(4)

holidays(4)

hosts(4)

hosts.equiv(4)

ib(4)

idnkit.pc(4)

ike.config(4)

ike.preshared(4)

inetd.conf(4)

inet_type(4)

infiniband_hca_persistent_cache(4)

init.d(4)

inittab(4)

ipaddrsel.conf(4)

ipf(4)

ipf.conf(4)

ipnat(4)

ipnat.conf(4)

ipnodes(4)

ippool(4)

ippool.conf(4)

isa(4)

issue(4)

kadm5.acl(4)

kdc.conf(4)

keytables(4)

krb5.conf(4)

label_encodings(4)

ldapfilter.conf(4)

ldapsearchprefs.conf(4)

ldaptemplates.conf(4)

llc2(4)

logadm.conf(4)

logindevperm(4)

loginlog(4)

magic(4)

md.cf(4)

mddb.cf(4)

mdi_ib_cache(4)

mdi_scsi_vhci_cache(4)

md.tab(4)

mech(4)

meddb(4)

mnttab(4)

mod_ipp(4)

mpapi.conf(4)

named.conf(4)

ncad_addr(4)

nca.if(4)

ncakmod.conf(4)

ncalogd.conf(4)

ncaport.conf(4)

ndmp(4)

ndpd.conf(4)

netconfig(4)

netgroup(4)

netid(4)

netmasks(4)

netrc(4)

networks(4)

nfs(4)

nfslog.conf(4)

nfssec.conf(4)

NISLDAPmapping(4)

nodename(4)

nologin(4)

note(4)

notrouter(4)

nscd.conf(4)

nss(4)

nsswitch.conf(4)

packingrules(4)

pam.conf(4)

pam.d(4)

passwd(4)

path_to_inst(4)

pci(4)

pcie(4)

pci_unitaddr_persistent(4)

phones(4)

pkginfo(4)

pkgmap(4)

plot(4B)

policy.conf(4)

priv_names(4)

proc(4)

process(4)

prof_attr(4)

profile(4)

project(4)

protocols(4)

prototype(4)

pseudo(4)

publickey(4)

qop(4)

queuedefs(4)

rcmscript(4)

rdc.cf(4)

registration_profile(4)

remote(4)

resolv.conf(4)

rhosts(4)

rmtab(4)

rndc.conf(4)

rpc(4)

rt_dptbl(4)

sasl_appname.conf(4)

sbus(4)

sccsfile(4)

scsi(4)

securenets(4)

sel_config(4)

sendmail(4)

sendmail.cf(4)

service_bundle(4)

service_provider.conf(4)

services(4)

shadow(4)

sharetab(4)

shells(4)

slp.conf(4)

slpd.reg(4)

smb(4)

smbautohome(4)

smhba.conf(4)

snapshot_cache(4)

sndr(4)

sock2path.d(4)

space(4)

ssh_config(4)

sshd_config(4)

submit.cf(4)

sulog(4)

sysbus(4)

syslog.conf(4)

system(4)

telnetrc(4)

term(4)

terminfo(4)

TIMEZONE(4)

timezone(4)

TrustedExtensionsPolicy(4)

ts_dptbl(4)

ttydefs(4)

ttysrch(4)

ufsdump(4)

updaters(4)

user_attr(4)

utmp(4)

utmpx(4)

vfstab(4)

volume-config(4)

volume-defaults(4)

volume-request(4)

wanboot.conf(4)

warn.conf(4)

wtmp(4)

wtmpx(4)

ypfiles(4)

yppasswdd(4)

ypserv(4)

zoneinfo(4)

exec_attr

- execution profiles database

Synopsis

/etc/security/exec_attr

Description

/etc/security/exec_attr is a local database that specifies the execution attributes associated with profiles. The exec_attr file can be used with other sources for execution profiles, including the exec_attr NIS map. Programs use the getexecattr(3C) routines to access this information.

The search order for multiple execution profile sources is specified in the /etc/nsswitch.conf file, as described in the nsswitch.conf(4) man page. The search order follows the entry for prof_attr(4).

A profile is a logical grouping of authorizations and commands that is interpreted by a profile shell to form a secure execution environment. The shells that interpret profiles are pfcsh, pfksh, and pfsh. See the pfsh(1) man page. Each user's account is assigned zero or more profiles in the user_attr(4) database file.

Each entry in the exec_attr database consists of one line of text containing seven fields separated by colons (:). Line continuations using the backslash (\) character are permitted. The basic format of each entry is:

name:policy:type:res1:res2:id:attr

name

The name of the profile. Profile names are case-sensitive.

policy

The security policy that is associated with the profile entry. The valid policy type is solaris. The solaris policy recognizes privileges. See privileges(5).

type

The type of object defined in the profile. The valid type is cmd. The cmd type specifies that the ID field is a command that would be executed by a shell.

res1

The characters RO in this field indicate it is read only and not modifiable by the tools that update this database.

res2

Reserved for future use.

id

A string that uniquely identifies the object described by the profile. For a profile of type cmd, the id is either the full path to the command or the asterisk (*) symbol, which is used to allow all commands. An asterisk that replaces the filename component in a pathname indicates all files in a particular directory.

To specify arguments, the pathname should point to a shell script that is written to execute the command with the desired argument. In a Bourne shell, the effective UID is reset to the real UID of the process when the effective UID is less than 100 and not equal to the real UID. Depending on the euid and egid values, Bourne shell limitations might make other shells preferable. To prevent the effective UIDs from being reset to real UIDs, you can start the script with the -p option.

#!/bin/sh -p
attr

An optional list of semicolon-separated (;) key-value pairs that describe the security attributes to apply to the object upon execution. Zero or more keys can be specified. The list of valid key words depends on the policy enforced. The following key words are valid: euid, uid, egid, gid, privs, and limitprivs.

euid and uid contain a single user name or a numeric user ID. Commands designated with euid run with the effective UID indicated, which is similar to setting the setuid bit on an executable file. Commands designated with uid run with both the real and effective UIDs. Setting uid might be more appropriate than setting the euid on privileged shell scripts.

egid and gid contain a single group name or a numeric group ID. Commands designated with egid run with the effective GID indicated, which is similar to setting the setgid bit on a file. Commands designated with gid run with both the real and effective GIDs. Setting gid might be more appropriate than setting guid on privileged shell scripts.

privs contains a privilege set which are added to the inheritable set prior to running the command.

limitprivs contains a privilege set which are assigned to the limit set prior to running the command.

privs and limitprivs are only valid for the solaris policy.

Examples

Example 1 Using Privileges

The following example shows the audit command specified in the Audit Control profile to execute with the proc_owner privilege:

Audit Control:solaris:cmd:::/usr/sbin/audit:privs=proc_owner

Files

/etc/nsswitch.conf

/etc/user_attr

/etc/security/exec_attr

Locally added entries. Make sure that the shipped header remains intact.

/etc/security/exec_attr.d/*

Entries added by package installation.

Attributes

See attributes(5) for descriptions of the following attributes:

ATTRIBUTE TYPE
ATTRIBUTE VALUE
Availability
system/core-os
Interface Stability
See below.

The command-line syntax is Committed. The output is Uncommitted.

Notes

Because the list of legal keys is likely to expand, any code that parses this database must be written to ignore unknown key-value pairs without error. When any new keywords are created, the names should be prefixed with a unique string, such as the company's stock symbol, to avoid potential naming conflicts.

The following characters are used in describing the database format and must be escaped with a backslash if used as data: colon (:), semicolon (;), equals (=), and backslash (\).

Authorizations required to set various fields are listed:

name       profile name            solaris.profile.cmd.manage
policy     security policy         solaris.profile.cmd.manage
type       type of object defined  solaris.profile.cmd.manage
             in the profile
id full path of command            solaris.profile.cmd.manage
attr security attributes of the command

euid        euid of the command      solaris.profile.cmd.setuid
            process
uid         uid of the command       solaris.profile.cmd.setuid
            process
egid        egid of the command      solaris.group.assign/delegate
            process
gid         gid of the command       solaris.group.assign/delegate
            process
privs       privileges added to 
            the inheritable set of   solaris.privilege.assign/delegate
            privileges for the 
            command. An Extended
            Policy can be specified
            here. See privileges.5.
limitprivs  privileges assigned to
            the limit set of         solaris.privilege.assign/delegate
            privileges for the 
            command

The value of limitprivs that can be set by an authorized user for a given command are limited to the limitprivs privileges that are granted to the user.

The value of the privs that can be set by an authorized user for a given command are limited to the defaultprivs privileges granted to the user.

The solaris.privilege.assign authorization allows the authorized user to grant any privilege to a user. The solaris.privilege.delegate allows the authorized user to grant privileges from the user's privilege sets. See group(4) for more information on solaris.group.assign/delegate.

See Also

auths(1), profiles(1), roles(1), sh(1), makedbm(1M), getauthattr(3C), getexecattr(3C), getprofattr(3C), getuserattr(3C), kva_match(3C), auth_attr(4), group(4), prof_attr(4), user_attr(4), attributes(5), privileges(5)

Copyright © 2012, 2013, Oracle and/or its affiliates. All rights reserved. Legal Notices
Previous Next