Commands That Manage Authorizations, Rights Profiles, and Roles

Language:

The commands listed in the following table retrieve and set rights on user processes.

Table 8-1 Rights Administration Commands

Command	Description
`auths` (1)	Displays authorizations for a user. Creates new authorizations.
`getent` (1M)	Lists the contents of the rights databases.
`nscd` (1M)	Name service cache daemon, useful for caching the rights databases. Use the `svcadm` command to restart the daemon.
`pam_roles` (5)	Role account management module for PAM. Checks for the authorization to assume a role.
`pam_unix_account` (5)	UNIX account management module for PAM. Checks for account restrictions, such as time restrictions and inactivity.
`pfbash` (1)	Used to create a profile shell process that can evaluate rights.
`pfedit` (1M)	Used to edit administrative files.
`pfexec` (1)	Used to execute a command with security attributes.
`policy.conf` (4)	Configuration file for system security policy. Lists granted authorizations, granted privileges, and other security information.
`profiles` (1)	Displays rights profiles for a specified user. Creates or modifies a rights profile.
`roles` (1)	Displays roles that a specified user can assume.
`roleadd` (1M)	Adds a role to a local system or to an LDAP network.
`roleadd` (1M)	Adds a role to a local system or to an LDAP network.
`rolemod` (1M)	Modifies a role's properties on a local system or on an LDAP network.
`userattr` (1)	Displays the value of a specific right that is assigned to a user or role account.
`useradd` (1M)	Adds a user account to the system or to an LDAP network. The `–R` option assigns a role to a user's account.
`userdel` (1M)	Deletes a user's login from the system or from an LDAP network.
`usermod` (1M)	Modifies a user's account properties on the system.