Modifying a User's RBAC Properties - Oracle® Solaris Cluster Geographic Edition System Administration Guide

Oracle^® Solaris Cluster Geographic Edition System Administration Guide

Exit Print View

» ...Documentation Home » Oracle Solaris Cluster 4.2 » Oracle^® Solaris Cluster ... » Administering RBAC » Modifying a User's RBAC Properties

Updated: July 2014, E39667-01

Oracle^® Solaris Cluster Geographic Edition System Administration Guide

Document Information

Using This Documentation

Chapter 1 Introduction to Administering the Geographic Edition Software

Chapter 2 Overview of Administering a Geographic Edition Configuration

Chapter 3 Administering the Geographic Edition Infrastructure

Chapter 4 Administering RBAC

Modifying a User's RBAC Properties

Chapter 5 Administering Cluster Partnerships

Chapter 6 Administering Heartbeats

Chapter 7 Administering Protection Groups

Chapter 8 Administering Sites

Chapter 9 Administering Multigroups

Chapter 10 Monitoring and Validating the Geographic Edition Software

Chapter 11 Migrating Services

Chapter 12 Customizing Switchover and Takeover Actions

Chapter 13 Script-Based Plug-Ins

Appendix A Standard Geographic Edition Properties

Appendix B Legal Names and Values of Geographic Edition Entities

Appendix C Disaster Recovery Administration Example

Appendix D Takeover Postconditions

Appendix E Troubleshooting Geographic Edition Software

Appendix F Error Return Codes for Script-Based Plug-Ins

Language:

Modifying a User's RBAC Properties

Note - The RBAC rights for Oracle Solaris Cluster software, including the Geographic Edition framework,are intended to simplify the assignment of management roles and protect against accidental errors. However, a malicious user would be able to abuse RBAC-based cluster administration privileges to gain wider system privileges. Therefore, RBAC rights should be assigned with care.

When you grant authorization to users other than the root role, you must do so on all nodes of both partner clusters. Otherwise, some operations that have a global scope might fail, due to insufficient user rights on one or more nodes in the partnership.

To modify the RBAC rights for a user, you must be logged in as the root role or assume a role that is assigned the System Administrator rights profile.

For example, you can assign the Geo Management RBAC profile to the user admin as follows:

# usermod -P "Geo Management" admin
# profiles admin
Geo Management
Basic Solaris User
#

For more information about how to modify the RBAC properties for a user, refer to Chapter 2, Oracle Solaris Cluster and RBAC, in Oracle Solaris Cluster System Administration Guide .

Copyright © 2004, 2014, Oracle and/or its affiliates. All rights reserved. Legal Notices