DOC HOME SITE MAP MAN PAGES GNU INFO SEARCH PRINT BOOK
 
Trusted facility management

Adding commands to an existing role

Use adminrole with the -a option to add commands and privileges to a new or existing role.

To add commands and privileges to an existing role, perform the following:

  1. Enter

    adminrole -a entry1,entry2 role_name

    Each entry is a command and privilege entry, as specified in adminrole(1M).

``Adding commands and privileges for an existing role'' shows how to associate the date command with the appropriate privilege with the role assistant,given mount and umount.
   # adminrole assistant
   assistant:   mount:/etc/mount mount
               umount:/etc/umount mount
   #
   # adminrole -a date:/usr/bin/date:dacwrite:macwrite:sysops assistant
   # adminrole assistant
   assistant:   mount:/etc/mount mount
               umount:/etc/umount mount
               date:/usr/bin/date dacwrite macwrite sysops

Adding commands and privileges for an existing role

The first adminrole displays any TFM database entries for the role assistant. In this case, entries exist for the mount and umount commands. The next adminrole adds the date command. As with the adminuser command, the initial mount, date, and umount are the command aliases used with the tfadmin command; /etc/mount, /usr/bin/date, and /etc/umount are the paths for the executables, followed by the list of privileges that should be granted when running these commands: mount for the mount and umount commands, and dacwrite, macwrite, and sysops for the date command.


Next topic: Removing commands and privileges for a role
Previous topic: Adding commands and privileges for a new role

© 2004 The SCO Group, Inc. All rights reserved.
UnixWare 7 Release 7.1.4 - 22 April 2004