See Securing Users and Processes in Oracle Solaris 11.4 for more information about roles, rights profiles, authorizations, and privileges.
Use the roles command to list the roles that are assigned to you. Use the su command with the name of the role to assume that role. As this role, you can execute any commands that are permitted by the rights profiles that are assigned to that role.
Use the profiles command to list the rights profiles that are assigned to you. The following profiles are useful for managing faults:
This rights profile enables you to read fault management data, such as when you use the fmadm list, fmstat, or fmdump commands as described in Displaying Fault, Defect, and Alert Information and Log Files and Statistics. Any user can run the fmdump command on files that are readable by that user. The Fault Information rights profile is required to run the fmdump command on files in the /var/fm/fmd/*log* and /var/fm/fmd/rsrc/* directories.
This rights profile gives you the read rights of the Fault Information rights profile and also enables you to modify fault management state. An example of modifying fault management state is using the fmadm acquit command as described in Repairing Faults and Defects and Clearing Alerts. The System Administrator rights profile includes the Fault Management rights profile.
This rights profile enables you to use the -e and -d options of the coreadm command.
Use one of the following methods to execute commands that your rights profiles permit you to execute:
Use a profile shell such as pfbash or pfksh.
Use the pfexec command in front of the command that you want to execute. In general, you must specify the pfexec command with each privileged command that you execute.
Depending on the security policy at your site, you might be able to use the sudo command with your user password to execute a privileged command.