|
|
The Trusted Facility Management (TFM) tools provide the means to maintain a database of users and the commands they may execute with privilege. TFM eliminates the need to place fixed privileges on a command (via filepriv) for it to execute with privilege for these users.
Each command entry in the database includes an alias for the command, the path to the executable file, and the privileges to be granted. An administrator who is in the TFM database must execute the tfadmin command to run these commands with the granted privileges. Users not in the TFM database cannot execute commands with privilege and will get an error if they attempt to use tfadmin.