roledel - delete a role's login from the system
roledel [-r] [-S repository] [-q qualifier] role
The roledel utility deletes a role account from the system and makes the appropriate account-related changes to the system file and file system. roledel also removes the role from each user's list of assumable roles.
An administrator must be granted the User Management Profile to be able to delete an existing role.
The following options are supported:
The name of a host or netgroup which qualifies which attributes to delete. The prefix @ is required to indicate that the qualifier is a netgroup name. The –q option is only valid if the user account is maintained in the LDAP name service. Only the attributes associated with the qualifier are deleted. The account and other attributes are not affected unless this option is omitted. In that case, all qualified attributes are also deleted.
Remove the role's home directory from the system. This directory must exist. The files and directories under the home directory will no longer be accessible following successful execution of the command. The ZFS dataset that was created for the role's home directory will be removed.
The auto_home entry for the role will be deleted.
The valid repositories are files, ldap. The repository specifies which name service will be updated. The default repository is files.
The following operands are supported:
An existing role name to be deleted.
The following exit values are returned:
Invalid command syntax. A usage message for the roledel command is displayed.
The account to be removed does not exist.
The account to be removed is in use.
Cannot update the /etc/group or /etc/user_attr file but the login is removed from the /etc/passwd file.
Cannot remove or otherwise modify the home directory.
system password file
system file containing roles' encrypted passwords and related information
system file containing group definitions
system file containing additional role attributes
See attributes(7) for descriptions of the following attributes:
auths(1), passwd(1), profiles(1), roles(1), passwd(5), prof_attr(5), user_attr(5), attributes(7), groupadd(8), groupdel(8), groupmod(8), logins(8), roleadd(8), rolemod(8), useradd(8), userdel(8), usermod(8)
The roledel utility only deletes an account definition that is in the group, passwd, shadow, and user_attr databases in the repository.