10-14-2009
If you're using Solaris, Role Based Access Controls (RBAC) would work.
Of course, like sudo you will initially need root access on your clients to set it up.
Understading RBAC - The Observatory
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
All,
I want to run a non-root script as the root user with non-root environment variables with crontab. The non-root user would have environment variables for database access such as Oracle or Sybase. The root user does not have the Oracle or Sybase enviroment variables. I thought you could do... (2 Replies)
Discussion started by: bubba112557
2 Replies
2. HP-UX
Hi
I have been asked to find out how to
1) create users
2) reset passwords
3) kill processes that may require root privileges
without having root password, sudo rights or rights to passwd command
Any ideas?
Thanks in advance (1 Reply)
Discussion started by: emealogistics
1 Replies
3. Shell Programming and Scripting
Dear all
Ihave written a script in Hpux9.0, the ecript is working fine if I run it from root command prompt
But when I am running it thru /etc/profile or /user/.profile and login as a normal user, the owner of the process running the script is the normal user & hence cant run a root privileaged... (7 Replies)
Discussion started by: initin
7 Replies
4. Red Hat
Hi All,
I have created an RPM installer and installed it via ROOT user & which works fine on Red Hat.
But the problem oocurs when a non root users try to run that application (from their account), it never got executed (being it has the execute permission i.e. chmod a+x somefile.sh).
I want... (6 Replies)
Discussion started by: jw_amp
6 Replies
5. Shell Programming and Scripting
So I have a script that runs as a non-root user, lets say the username is 'xymon' .
This script needs to log on to a remote system as a non-root user also and call up a bash script that runs another bash script as root.
in short: user xymon on system A needs to run a file as root user and have... (2 Replies)
Discussion started by: damang111
2 Replies
6. SuSE
I am using SUSE Linux Enterprise Server 10 SP2 (i586) and I had earlier ammended my sudoers file to allow users to become root user with "sudo su - " command
Now I am trying to add multiple users to the sudoers file to run several commands such as restarting the server, restarting the nagios... (9 Replies)
Discussion started by: hedkandi
9 Replies
7. AIX
I'm looking for a way to track commands that are run as root after a user runs sudo su - root. I have a profile set up for root that will track the commands by userid but if we change the shell it only stores it in that shells history file. (2 Replies)
Discussion started by: toor13
2 Replies
8. Shell Programming and Scripting
Hello I have a script which is working fine so far to generate HTML file. Now i am wondering how do i include a syntax where it can change itself to root user and execute a specific commands as root user.
Please help, Thanks in advance.
-Siddhesh (2 Replies)
Discussion started by: Siddheshk
2 Replies
9. AIX
Hello,
I am testing sudo and I want to test it. Can anyone please let me know few commands (of course other than shutdown, reboot etc. as I can't reboot the box) on AIX that can be run by ROOT only.
Thanks
---------- Post updated at 07:43 PM ---------- Previous update was at 07:38 PM... (5 Replies)
Discussion started by: prvnrk
5 Replies
10. Shell Programming and Scripting
Currently in my system Red Hat is installed. And Many user connect to my machine via SSH Techia Terminal.
I want to give some users a root level access.
Can anyone please help me how to make it possible. I too searched on the Google but didn't find the correct way
Regards
ADI (4 Replies)
Discussion started by: adisky123
4 Replies
LEARN ABOUT HPUX
rbacdbchk
rbacdbchk(1M) rbacdbchk(1M)
NAME
rbacdbchk - Verifies the syntax of the Role-Based Access Control (RBAC) database files
SYNOPSIS
DESCRIPTION
verifies that there are no conflicting or inconsistent entries in and amongst the RBAC database files. also checks the syntax of the data-
base files and prints messages indicating which lines contain errors. returns zero output if no errors are present in the database files.
All the RBAC database files and are verified. See rbac(5) for more information on these RBAC database files.
Options
supports the following options:
Checks the
database.
Checks the
database.
Checks the
database.
Checks the
database.
Checks the
database.
Cross reference checks all databases.
EXTERNAL INFLUENCES
Environment Variables
determines the language in which messages are displayed.
International Code Set Support
Single-byte character code set is supported.
RETURN VALUE
0. Success
1. Incorrect syntax
EXAMPLES
The following example finds an error that user is an invalid user
# rbacdbchk
[/etc/rbac/user_role] John: Administrator
invalid user
The value 'John' for the Username field is bad.
The following example finds a syntax error, an extra colon at the end of a line:
# rbacdbchk
[/etc/rbac/user_role] root: Administrator:
invalid name: Not alphanumeric
The value 'Administrator:' for the Rolename field is bad.
[Role in role_auth DB with no assigned user in user_role DB]
Administrator:(hpux.*, *)
The following example finds a field missing:
# rbacdbchk
[/etc/rbac/roles] : my comment
invalid name: <empty>
The value '' for the Rolename field is bad.
The following example finds a bad role:
# rbacdbchk
[Role in role_auth DB with no assigned user in user_role DB]
blah:(hpux.*, *)
[Invalid Role in role_auth DB. Role 'blah' does not exist in the roles DB]
blah:(hpux.*, *)
The following example finds a bad group name:
# rbacdbchk
[/etc/rbac/user_role] &blah: Administrator
invalid group
The value 'blah' for the Group name field is bad.
FILES
Database containing valid definitions of all roles.
Database containing definitions of all valid authorizations.
Database specifying the roles for each specified user.
Database that defines the authorizations for each role.
Database containing the authorization to execute specified commands,
and the privileges to alter uid and gid for command execution.
Database that defines the role-to-authorization to audit
SEE ALSO
authadm(1M), cmdprivadm(1M), privrun(1M), rbac(5).
rbacdbchk(1M)