The make-owner command
adds, removes, or transfers owner authorizations
and adds and removes entries from the TFM database.
System owners are usually defined via the SCOadmin
Account Manager.
It also adds the owner to the dtadmin supplementary group.
make-ownernewowner
add newowner to the database
makeownernewowner oldowner
transfer owner permissions from oldowner to newowner
makeowner - oldowner
removes oldowner from the database
Only an owner is allowed to add or remove user accounts,
grant privileges to other user accounts, and backup and restore
all files on the system.
Authorizations
To assign the privileges necessary to execute SCOadmin managers,
make-owner checks
/usr/lib/scoadmin/account/OwnerPrivs
and executes any file it finds. The files in this
directory must contain the necessary code to assign privileges.
In general there will be one line of code, as in this example:
$ADMIN -a chmod:/bin/chmod:allprivs $OWN >/dev/null 2>&1
This is run for each command being added to the user's privilege set.
The environment variables OWN and ADMIN have been
exported and should be
used by the script. However, the contents of the OwnerPrivs
file is not restricted to the above. For example, roles can be assigned
as in this example: