pfexec, pfbash, pfcsh, pfksh, pfsh, pftcsh, pfzsh - execute a command in a profile
/usr/bin/pfexec -P privspec command [ arg ]...
/usr/bin/pfsh [ options ] [ argument ]...
/usr/bin/pfcsh [ options ] [ argument ]...
/usr/bin/pfksh [ options ] [ argument ]...
The pfexec program sets the PRIV_PFEXEC process flag and marks the current process as a profile shell. It then executes the specified command. The kernel queries the exec_attr(4) database and executes with the appropriate attributes.
Profiles are searched in the order specified in the user's entries in the user_attr(4) database and policy.conf(4). For each user, there are two sets of profiles, an authenticated set, and an unauthenticated set. The user is required to re-authenticate prior to executing commands which match an entry in theexec_attr(4) database corresponding to the authenticated profiles set. If the command is executed from a terminal, the authentication state is cached for the current user and tty, subject to the timeout option set for pam_tty_tickets(5) in the PAM stack /etc/pam.d/pfexec. If there is no current tty, but there is an active X11 session, the user is prompted to authenticate through a zenity dialog. This authentication state is cached for the current user and DISPLAY environment setting. Processes that have been successfully re-authenticated, including those that were implicitly authenticated within the timeout value of the cache, are marked with an additional process flag, PRIV_PFEXEC_AUTH, which exempts child process from subsequent re-authentication. Both the PRIV_PFEXEC and PRIV_PFEXEC_AUTH flags are inherited by child processes unless the real uid is changed. Commands that match the set of unauthenticated profiles do not require re-authentication, but have lower precedence than commands in the set of authenticated profiles. If the same command appears in more than one profile, the profile shell uses the first matching entry.
The second form, pfexec –P privspec, allows a user to obtain the additional privileges awarded to the user's profiles in prof_attr(4). The privileges specification on the commands line is parsed using priv_str_to_set(3C). The resulting privileges are intersected with the union of the privileges specified using the privs keyword in prof_attr (4) for all the user's profiles and added to the inheritable set before executing the command.
pfexec is used to execute commands with predefined process attributes, such as specific user or group IDs.
example% pfexec -P all chown user file
This command runs chown user file with all privileges assigned to the current user, not necessarily all privileges.
The following exit values are returned:
An error occurred.
See attributes(5) for descriptions of the following attributes: