Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: RBAC related question.....
Operating Systems Solaris RBAC related question..... Post 302335602 by samar on Monday 20th of July 2009 04:51:52 AM
Old 07-20-2009
Quote:
Originally Posted by samar
Hi,
let me see /etc/user_attr file.

Good luck
so i dont know how u managed that,i suspect that executive attribution has not given correct for your role that it cant execute "shutdown",
but example shown below works 100% :

# useradd -m -d /export/home/testuser testuser
64 blocks
# passwd testuser
New Password:
Re-enter new Password:
passwd: password successfully changed for testuser
# grep testuser /etc/passwd
testuser:x:60004:1::/export/home/testuser:/bin/sh
# roleadd -m -d /export/home/shutdown shutdown
64 blocks
# passwd shutdown
New Password:
Re-enter new Password:
passwd: password successfully changed for shutdown
# grep shutdown /etc/passwd
shutdown:x:60005:1::/export/home/shutdown:/bin/pfsh
# usermod -R shutdown testuser
# grep testuser /etc/user_attr
testuser::::type=normal;roles=shutdown

#echo "SHUTDOWN::Smilierofile to shutdown:help=shutdown.html" > /etc/security/prof_attr
#rolemod -P SHUTDOWN shutdown
#echo "SHUTDOWN:suser:cmd:::/usr/sbin/shutdown:uid=0" > /etc/security/exec_attr

-----------------------------------------------------

login as: testuser
Using keyboard-interactive authentication.
Password:
Last login: Mon Jul 20 12:36:57 2009 from 10.10.1.231
Sun Microsystems Inc. SunOS 5.10 Generic January 2005
$ su - shutdown
Password:
$ /usr/sbin/shutdown

hutdown started. Mon Jul 20 12:53:22 GET 2009

Broadcast Message from root (pts/2) on gantek4 Mon Jul 20 12:53:22...
The system gantek4 will be shut down in 1 minute

showmount: gantek4: RPC: Program not registered
Broadcast Message from root (pts/2) on gantek4 Mon Jul 20 12:53:52...
The system gantek4 will be shut down in 30 seconds


Good luck
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

A Question related to the net

well, I was suggested to remove the contents of the cache as i get out of the browser netscape from the .netscape folder. is that really necessary? if so what are the rest to be done? can anybody please tell me?:rolleyes: (8 Replies)
Discussion started by: sskb
8 Replies

2. Programming

signals related question

Hi all, Just a little question relative to signals. I know that if an application is in the sleep state, When a signal is catched, it will be processed by the handler. But what happens if it's processing something? Does the processing stops?? The following code should illustrate this case ... (2 Replies)
Discussion started by: ninjanesto
2 Replies

3. UNIX for Advanced & Expert Users

One Question related to alias

Hello, I have created following alias in csh lab 'rlogin -l user23 complab23' but problem is complab23 does not allow automatic login by checking .rhosts file. So after typing lab on command line I have to type complicate password and if wrong password is typed thrice then account gets... (4 Replies)
Discussion started by: neerajrathi2
4 Replies

4. AIX

RBAC in 5.3 Question

I would like to use the Role Based access control to granulize some of the administration of AIX systems in our organization. Across the company we will be using aix 5.3. One of these roles will only have the access to make, change and delete users, something similar to ManageAllUsers. The thing... (1 Reply)
Discussion started by: dgaixsysadm
1 Replies

5. HP-UX

RBAC question

hi every one i tried rbac and i made 1- role called GizaRoot 2- group called gizagroup 3- added privlage autherization called "m.k" /usr/sbin/useradd:dflt:(m.k,*):0/0//:dflt:dflt:dflt: i assigned the role to group and add user to that group then su to user and tried to use the command ... (0 Replies)
Discussion started by: maxim42
0 Replies

6. Shell Programming and Scripting

having df command related question

Hi All, When i have run the below command its showing 90% which is critical for production. for this i need the answer of some below question please help me for that. 1) i want to delete some unwanted files. how can i know the unwanted files ?Is it there any way of knowing this?? 2)and... (2 Replies)
Discussion started by: aish11
2 Replies

7. Shell Programming and Scripting

awk related question

awk "/^<Mar 31, 2012 : /,0" /app/blah.log can someone please help me figure out why the above command isn't pulling anything out from the log? basically, i want it to pull out all records, from the very first line that starts with the date "Mar 31, 2012" and that also has a time immediately... (4 Replies)
Discussion started by: SkySmart
4 Replies

8. UNIX for Dummies Questions & Answers

Question related to 'ps'

If I run a script called 'abc.sh' and then execute the following : ps -ef | grep 'abc.sh' I always get two rows of output, one for the executing script, and the other for the grep command that I have triggered after the pipe. Questions: Why does the second row turn up in the results. My... (10 Replies)
Discussion started by: jawsnnn
10 Replies

9. Shell Programming and Scripting

awk related question

awk -F ";" 'FNR==NR{a=$1;next} ($2 in a)' server.list datafile | while read line do echo ${line} done when i run the above, i get this: 1 SERVICE NOTIFICATION: nagiosadmin skysmart-01.sky.net .... instead of: SERVICE NOTIFICATION: nagiosadmin skysmart-01.sky.net .... can... (4 Replies)
Discussion started by: SkySmart
4 Replies

10. UNIX for Dummies Questions & Answers

Question related to grep

We have huge file with control A as delimiter. Somehow one record is corrupted. This time i figured it out using ETL graph. If future , how to print only bad record. Example Correct record:... (2 Replies)
Discussion started by: srikanth38
2 Replies

LEARN ABOUT LINUX

ftprestart

ftprestart(1M)                                            System Administration Commands                                            ftprestart(1M)

NAME

       ftprestart - restart previously shutdown FTP Servers

SYNOPSIS

       ftprestart [-V]

DESCRIPTION

       Use the ftprestart command to restart an FTP Server previously shut down by means of ftpshut(1M). The ftprestart command reads the shutdown
       capability from the ftpaccess(4) file to determine the path of the shutdown message files. It then reenables the FTP Server by removing any
       shutdown message files in the anonymous and virtual FTP Server area, as well as the system wide shutdown message file.

OPTIONS

       The ftprestart command supports the following options:

       -V       Display program copyright and version information, then terminate.

EXAMPLES

       Example 1: Sample Output from ftprestart

       The following example shows sample output from the ftprestart command:

       example% ftprestart
       ftprestart: /export/home/ftp/etc/ftpd/shutdown.msg removed.
       ftprestart: /export/home/virtual1/etc/ftpd/shutdown.msg removed.
       ftprestart: /etc/ftpd/shutdown.msg removed.

EXIT STATUS

       The following exit values are returned:

       0        Successful completion.

       >0       An error occurred.

FILES

       /etc/ftpd/ftpaccess

       /etc/ftpd/ftpservers

ATTRIBUTES

       See attributes(5) for descriptions of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE         |      ATTRIBUTE VALUE        |
       +-----------------------------+-----------------------------+
       |Availability                 |SUNWftpu                     |
       +-----------------------------+-----------------------------+
       |Interface Stability          |External                     |
       +-----------------------------+-----------------------------+

SEE ALSO

       ftpshut(1M), in.ftpd(1M), ftpaccess(4), ftpservers(4), attributes(5)

SunOS 5.10                                                          1 May 2003                                                      ftprestart(1M)
All times are GMT -4. The time now is 06:21 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy