01-11-2009
That's too big a question to answer here; if you really want to know all of the differences you should read the documentation for both.
However important considerations are that RBAC is Solaris-only (I think - anyone seen it elsewhere?), whereas sudo is available for most Unix-like platforms.
Personally I find sudo more convenient to maintain because it's all in one file, unlike RBAC. However I think there are some advantages to RBAC as well, such as preventing people from logging in directly as a role, which can be achieved by other means for sudo but is not as straightforward. RBAC is ideally suited for meeting some auditing requirements, such as SOX.
10 More Discussions You Might Find Interesting
1. UNIX Desktop Questions & Answers
ehe may i know what are the difference between Unix & Linux, and what are the advantages of having Unix as well as disadvantages of having Unix or if u dun mind i am dumb do pls tell me what are the advantages as well as the disadvantages of having linux as well. thanks (1 Reply)
Discussion started by: cybertechmkteo
1 Replies
2. UNIX for Advanced & Expert Users
Hello,
I am trying to convince my boss to stop allowing our users to login as root (superuser). Currently our users login to our unix server with their own account, then as needed, they will do an su and put in the root password.
This scares me, for a bunch of reasons. Mainly, one is that we... (1 Reply)
Discussion started by: rwallaceisg
1 Replies
3. Linux
Hi all,
What the difference between the sudo users & RBAC when the talk of effects after doing the above comes???
any differences between them ,kindly list ?? (1 Reply)
Discussion started by: saurabh84g
1 Replies
4. Solaris
I'm trying to set up RBAC, and I need to know where the logs for RBAC are.
I'm using Solaris 10 as my OS.
I've been reading a lot of documents online and just can't seem to find where the related logs are.
My problem is I need to be able to track a user when they su to a role profile, and... (2 Replies)
Discussion started by: bitlord
2 Replies
5. Solaris
Dear ALL
please can anyone tell me from where can i install sudo for solaris 8 & 9
and how i can install it in the solaris server . (1 Reply)
Discussion started by: thecobra151
1 Replies
6. Solaris
what is the difference between sudo and pbrun?
i have seen people executing pbrun sudo su - what this means?? i know su -
will try to switch to root user. what speciality pbrun gives to sudo when it is used along with sudo command? (2 Replies)
Discussion started by: chidori
2 Replies
7. UNIX for Dummies Questions & Answers
Hi I just wanted to know the difference between Using Sudo mechanism over using Power breaker utilities.
Are they recommended over sudo?
Why ? (4 Replies)
Discussion started by: pinga123
4 Replies
8. UNIX for Advanced & Expert Users
I have an error when using chdev with sudo as follows;
sudo chdev -l rmt0 -a block_size=512
chdev: 0514-518 Cannot access the CuDv object class in the device
configuration database.
I've added chdev in sudoers but still get the error, I guess it's something to do with CuDv... (3 Replies)
Discussion started by: gefa
3 Replies
9. Shell Programming and Scripting
when the following command is issued the command prompt is received, how do I get past this?
ssh -t usera@hosta sudo su - userb -c id (4 Replies)
Discussion started by: squrcles
4 Replies
10. UNIX for Dummies Questions & Answers
Hi All,
Can anyone please help me understanding what the difference between the below two?
1. script.sh &
2. nohup script.sh & (2 Replies)
Discussion started by: Anupam_Halder
2 Replies
LEARN ABOUT HPUX
rbacdbchk
rbacdbchk(1M) rbacdbchk(1M)
NAME
rbacdbchk - Verifies the syntax of the Role-Based Access Control (RBAC) database files
SYNOPSIS
DESCRIPTION
verifies that there are no conflicting or inconsistent entries in and amongst the RBAC database files. also checks the syntax of the data-
base files and prints messages indicating which lines contain errors. returns zero output if no errors are present in the database files.
All the RBAC database files and are verified. See rbac(5) for more information on these RBAC database files.
Options
supports the following options:
Checks the
database.
Checks the
database.
Checks the
database.
Checks the
database.
Checks the
database.
Cross reference checks all databases.
EXTERNAL INFLUENCES
Environment Variables
determines the language in which messages are displayed.
International Code Set Support
Single-byte character code set is supported.
RETURN VALUE
0. Success
1. Incorrect syntax
EXAMPLES
The following example finds an error that user is an invalid user
# rbacdbchk
[/etc/rbac/user_role] John: Administrator
invalid user
The value 'John' for the Username field is bad.
The following example finds a syntax error, an extra colon at the end of a line:
# rbacdbchk
[/etc/rbac/user_role] root: Administrator:
invalid name: Not alphanumeric
The value 'Administrator:' for the Rolename field is bad.
[Role in role_auth DB with no assigned user in user_role DB]
Administrator:(hpux.*, *)
The following example finds a field missing:
# rbacdbchk
[/etc/rbac/roles] : my comment
invalid name: <empty>
The value '' for the Rolename field is bad.
The following example finds a bad role:
# rbacdbchk
[Role in role_auth DB with no assigned user in user_role DB]
blah:(hpux.*, *)
[Invalid Role in role_auth DB. Role 'blah' does not exist in the roles DB]
blah:(hpux.*, *)
The following example finds a bad group name:
# rbacdbchk
[/etc/rbac/user_role] &blah: Administrator
invalid group
The value 'blah' for the Group name field is bad.
FILES
Database containing valid definitions of all roles.
Database containing definitions of all valid authorizations.
Database specifying the roles for each specified user.
Database that defines the authorizations for each role.
Database containing the authorization to execute specified commands,
and the privileges to alter uid and gid for command execution.
Database that defines the role-to-authorization to audit
SEE ALSO
authadm(1M), cmdprivadm(1M), privrun(1M), rbac(5).
rbacdbchk(1M)