Trusted facility management

Adding commands to a new role

Use adminrole with the -n and -a options to add commands and privileges to a new role.

To add commands and privileges to a new role, perform the following:

  1. Enter

    adminrole -n -a entry1,entry2 role_name

    Each entry is a command and privilege entry, as specified in adminrole(1M).

``Adding commands and privileges for a new role'' shows how to create a new role, assistant, and associate the mount and umount commands with the appropriate privilege with the role assistant.
   # adminrole assistant
   UX:adminrole:WARNING:undefined role name "assistant"
   # adminrole -n -a mount:/etc/mount:mount,umount:/etc/umount:mount assistant
   # adminrole assistant
   assistant:   mount:/etc/mount mount
               umount:/etc/umount mount

Adding commands and privileges for a new role

The first adminrole displays any TFM database entries for the role assistant. In this case the role does not exist. The next adminrole creates the new role assistant; the -n option shows this is a definition of a new role. If role assistant already exists in the TFM database omit the -n option. As with the adminuser command, the initial mount and umount are the command aliases used with the tfadmin command, /etc/mount and /etc/umount are the paths for the executables, and the final mount for each definition specifies the mount privilege that should be granted when running these commands.

Next topic: Adding commands to an existing role
Previous topic: Displaying commands and privileges for a role

© 2004 The SCO Group, Inc. All rights reserved.
UnixWare 7 Release 7.1.4 - 22 April 2004