|Skip Navigation Links|
|Exit Print View|
|Oracle Solaris Cluster Geographic Edition System Administration Guide Oracle Solaris Cluster 4.1|
This section describes role-based access control (RBAC) in Geographic Edition software. It contains the following sections:
Geographic Edition software bases its RBAC profiles on the RBAC rights profiles that are used in the Oracle Solaris Cluster software. For general information about setting up and using RBAC with Oracle Solaris Cluster software, refer to Chapter 2, Oracle Solaris Cluster and RBAC, in Oracle Solaris Cluster System Administration Guide.
Geographic Edition software adds the following RBAC entities to the appropriate file in the /etc/security directory:
RBAC authentication names to auth_attr
RBAC execution profiles to prof_attr
RBAC execution attributes to exec_attr
Note - The default search order for the auth_attr and prof_attr databases is files nis, which is defined in the /etc/nsswitch.conf file. If you have customized the search order in your environment, confirm that files is in the search list. Including files in the search list enables your system to find the RBAC entries that Geographic Edition defined.
The Geographic Edition CLI uses RBAC rights to control end-user access to operations. The general conventions for these rights are described in Table 4-1.
Table 4-1 Geographic Edition RBAC Rights Profiles
When you grant authorization to users other than the root role, you must do so on all nodes of both partner clusters. Otherwise, some operations that have a global scope might fail, due to insufficient user rights on one or more nodes in the partnership.
To modify the RBAC rights for a user, you must be logged in as the root role or assume a role that is assigned the System Administrator rights profile.
For example, you can assign the Geo Management RBAC profile to the user admin as follows:
# usermod -P "Geo Management" admin # profiles admin Geo Management Basic Solaris User #
For more information about how to modify the RBAC properties for a user, refer to Chapter 2, Oracle Solaris Cluster and RBAC, in Oracle Solaris Cluster System Administration Guide.