|
|
Use adminrole with the -a option to add commands and privileges to a new or existing role.
To add commands and privileges to an existing role, perform the following:
Each entry is a command and privilege entry, as specified in adminrole(1M).
# adminrole assistant
assistant: mount:/etc/mount mount
umount:/etc/umount mount
#
# adminrole -a date:/usr/bin/date:dacwrite:macwrite:sysops assistant
# adminrole assistant
assistant: mount:/etc/mount mount
umount:/etc/umount mount
date:/usr/bin/date dacwrite macwrite sysops
Adding commands and privileges for an existing role
The first adminrole displays any TFM database entries for the role assistant. In this case, entries exist for the mount and umount commands. The next adminrole adds the date command. As with the adminuser command, the initial mount, date, and umount are the command aliases used with the tfadmin command; /etc/mount, /usr/bin/date, and /etc/umount are the paths for the executables, followed by the list of privileges that should be granted when running these commands: mount for the mount and umount commands, and dacwrite, macwrite, and sysops for the date command.