|
|
System administrators and privileged users need to perform sensitive tasks, but because privileges are associated with processes, not user IDs (except for the special case of UID 0), it is not possible to directly grant privileges to users to perform these sensitive tasks. The Trusted Facility Management (TFM) tools provide the means to maintain a database of users and the commands they may execute with privilege.
TFM eliminates the need to place fixed privileges on a command (using filepriv(1M)) for it to execute with privilege for these users. An administrator who is in the TFM database must execute the tfadmin(1M) command to run these commands with the granted privileges. Users not in the TFM database cannot execute commands with privilege and will get an error if they attempt to use tfadmin(1M).
TFM also gives you the ability to associate a set of privileged commands with a role. The privileged commands associated with each role are then associated with people assigned to that role. This saves you from having to define an identical set of privileged commands for each user. Instead, you define a role as containing the commands you desire, and then associate each desired user with the role. See adminrole(1M) for details on the definition and maintenance of roles.