1. Oracle VM Server for SPARC 3.6 Administration Guide
  2. Using Domain Consoles
  3. Controlling Access to a Domain Console by Using Rights
  4. How to Control Access to All Domain Consoles by Using Rights Profiles

How to Control Access to All Domain Consoles by Using Rights Profiles

  1. Restrict access to a domain console by enabling console authorization checking.
    primary# svccfg -s vntsd setprop vntsd/authorization = true
primary# svcadm refresh vntsd
primary# svcadm restart vntsd
  2. Assign the LDoms Consoles rights profile to a user.
    primary# usermod -P +"LDoms Consoles" username
  3. Connect to the domain console as the user.
    $ telnet localhost 5000

Example 5-2 Controlling Access to All Domain Consoles by Using Rights Profiles

The following example shows how to use rights profiles to control access to all domain consoles.

Assign the LDoms Consoles rights profile to a user.

primary# usermod -P +"LDoms Consoles" sam

The following commands show how to verify that the user is sam and that the All, Basic Solaris User, and LDoms Consoles rights profiles are in effect. The telnet command shows how to access the ldg1 domain console. 

$ id
uid=702048(sam) gid=1(other)
$ profiles
All
Basic Solaris User
LDoms Consoles
$ telnet localhost 5000
Trying 0.0.0.0...
Connected to 0.
Escape character is '^]'.

Connecting to console "ldg1" in group "ldg1" ....
Press ~? for control options ..