Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: rbac problem.
Operating Systems Solaris rbac problem. Post 302254760 by sotich82 on Wednesday 5th of November 2008 05:29:53 AM
Old 11-05-2008
rbac problem.
Hi all!
On backup server with contab my script worked, but one command don't fine to be executed:

Code:
bash-3.00$ scp itadmin@172.17.0.44:/export/backups/* /bckp1/opencms/bcp_`date +%Y%m%d`/
www-zone.cfg         100% |**********************************************************************************************************|   299       00:00
scp: /export/backups/www-zone_20081105.ufsdump: Permission denied

On that 172.17.0.44 for user itadmin:

Code:
bash-3.00$ cat /etc/user_attr
#
# Copyright 2007 Sun Microsystems, Inc.  All rights reserved.
# Use is subject to license terms.
#
# /etc/user_attr
#
# execution attributes for profiles. see user_attr(4)
#
#ident  "@(#)user_attr  1.1     07/01/31 SMI"
#
#
adm::::profiles=Log Management
lp::::profiles=Printer Management
postgres::::type=role;profiles=Postgres Administration,All
root::::auths=solaris.*,solaris.grant;profiles=Web Console Management,All;lock_after_retries=no
tomcat::::type=normal;defaultpriv=basic,net_privaddr
itadmin::::profiles=Primary Administrator

Please help about that roles, i dont't understand this framework.Smilie
Last edited by DukeNuke2; 11-05-2008 at 04:31 PM.. Reason: added code tags for better reading
 

10 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

RBAC logging

Hi gurus: I have not come accross any links on the internet that shows how to set up logging in RBAC and also is it possible to get the granularity and simplicity of sudo logging in RBAC. I have heard that RBAC logs are complicated to read and not as simple and granular as sudo logs. Your help... (0 Replies)
Discussion started by: geomonap
0 Replies

2. Solaris

Rbac

I am trying to let user asillitoe su to the godbrook role to execute commands. I have editted files as follows: user_attr: asillito::::type=normal;roles=godbrook godbrook::::type=role;profiles=Gadbrook,All prof_attr: Gadbrook:::Allow root commands to be used by godbrook: exec_attr:... (0 Replies)
Discussion started by: chrisdberry
0 Replies

3. Solaris

RBAC Help

do i have to create a new account to add a role? i want the sysadmin login i have 3 users on my systems sysadmin secman oc01 also 3 profiles SA (goes t0 sysadmin account) SSO (goes to secman account) LMICS (goes to oc01 account) the user accounts are located in /h/USERS/local the... (4 Replies)
Discussion started by: deaconf19
4 Replies

4. Shell Programming and Scripting

Automating RBAC with IF/Then statement

what would be easier to automate a script if/then ? (0 Replies)
Discussion started by: deaconf19
0 Replies

5. AIX

RBAC in 5.3 Question

I would like to use the Role Based access control to granulize some of the administration of AIX systems in our organization. Across the company we will be using aix 5.3. One of these roles will only have the access to make, change and delete users, something similar to ManageAllUsers. The thing... (1 Reply)
Discussion started by: dgaixsysadm
1 Replies

6. UNIX for Dummies Questions & Answers

Unix Rbac

Can anyone help me on "How to change Unix to support RBAC policy"? (4 Replies)
Discussion started by: JPoroo
4 Replies

7. Linux

Sudo user vs RBAC

Hi all, What the difference between the sudo users & RBAC when the talk of effects after doing the above comes??? any differences between them ,kindly list ?? (1 Reply)
Discussion started by: saurabh84g
1 Replies

8. HP-UX

RBAC question

hi every one i tried rbac and i made 1- role called GizaRoot 2- group called gizagroup 3- added privlage autherization called "m.k" /usr/sbin/useradd:dflt:(m.k,*):0/0//:dflt:dflt:dflt: i assigned the role to group and add user to that group then su to user and tried to use the command ... (0 Replies)
Discussion started by: maxim42
0 Replies

9. AIX

Disable RBAC - AIX

Hi all, i have a little problem... I have a Trusted AIX v. 6.1 installed on my system p. I can't disable RBAC mode... $ lsattr -El sys0 -a enhanced_RBAC enhanced_RBAC true Enhanced RBAC Mode True $ chdev -l sys0 -a enhanced_RBAC=false Method error (/usr/lib/methods/chggen): 0514-018... (3 Replies)
Discussion started by: Zio Bill
3 Replies

10. AIX

RBAC and LDAP users (AD)

Hello everyone, I am having trouble with something, and I can't find the right answer online. On our company, we are using LDAP Authentication with Active Directory (Windows 2008 Servers) to have a centralized management of AIX 7.1 users. So far so good, but now, we want to implement RBAC on... (7 Replies)
Discussion started by: Janpol
7 Replies

LEARN ABOUT HPUX

rbacdbchk

rbacdbchk(1M)															     rbacdbchk(1M)

NAME

       rbacdbchk - Verifies the syntax of the Role-Based Access Control (RBAC) database files

SYNOPSIS

DESCRIPTION

       verifies that there are no conflicting or inconsistent entries in and amongst the RBAC database files.  also checks the syntax of the data-
       base files and prints messages indicating which lines contain errors.  returns zero output if no errors are present in the database files.

       All the RBAC database files and are verified.  See rbac(5) for more information on these RBAC database files.

   Options
       supports the following options:

	      Checks the
		     database.

	      Checks the
		     database.

	      Checks the
		     database.

	      Checks the
		     database.

	      Checks the
		     database.

	      Cross reference checks all databases.

EXTERNAL INFLUENCES

   Environment Variables
       determines the language in which messages are displayed.

   International Code Set Support
       Single-byte character code set is supported.

RETURN VALUE

       0.   Success
       1.   Incorrect syntax

EXAMPLES

       The following example finds an error that user is an invalid user

	      # rbacdbchk
	      [/etc/rbac/user_role] John: Administrator
		      invalid user
		      The value 'John' for the Username field is bad.

       The following example finds a syntax error, an extra colon at the end of a line:

	      # rbacdbchk
	      [/etc/rbac/user_role] root:     Administrator:
		      invalid name: Not alphanumeric
		      The value 'Administrator:' for the Rolename field is bad.

	      [Role in role_auth DB with no assigned user in user_role DB]
	      Administrator:(hpux.*, *)

       The following example finds a field missing:

	      # rbacdbchk
	      [/etc/rbac/roles] : my comment
		      invalid name: <empty>
		      The value '' for the Rolename field is bad.

       The following example finds a bad role:

	      # rbacdbchk

	      [Role in role_auth DB with no assigned user in user_role DB]
	      blah:(hpux.*, *)

	      [Invalid Role in role_auth DB. Role 'blah' does not exist in the roles DB]
	      blah:(hpux.*, *)

       The following example finds a bad group name:

	      # rbacdbchk
	      [/etc/rbac/user_role] &blah:    Administrator
		      invalid group
		      The value 'blah' for the Group name field is bad.

FILES

       Database containing valid definitions of all roles.

       Database containing definitions of all valid authorizations.

       Database specifying the roles for each specified user.

       Database that defines the authorizations for each role.

       Database containing the authorization to execute specified commands,
	      and the privileges to alter uid and gid for command execution.

       Database that defines the role-to-authorization to audit

SEE ALSO

       authadm(1M), cmdprivadm(1M), privrun(1M), rbac(5).

																     rbacdbchk(1M)
All times are GMT -4. The time now is 02:02 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy