10-30-2011
There is a good article in IBM Developer works on Role Based Access Control:
Understanding advanced AIX features: Role-based access control in simple steps
Also, you may use the good old "sudo" based delegation. I work as user administrator and our client has relied on "sudo" over RBAC to make it easier for us as client has other UNIX systems as well. So we use it on all UNIX servers including AIX, Solaris, and RHEL.
![Big Grin Smilie](https://www.unix.com/images/smilies/biggrin.gif)
9 More Discussions You Might Find Interesting
1. Cybersecurity
I run a HP-9000 system with HP-UX version 11.0 and Informix-4GL version 7.2. I run this system for the military. There was a security issue where only a select few could have the UID of "0". One of those individuals is me (I am the SA). My question is how can i setup my personnel to be able to... (2 Replies)
Discussion started by: JackieRyan26
2 Replies
2. UNIX for Dummies Questions & Answers
How do you determine which users have permission to use root priviledges? (4 Replies)
Discussion started by: Ben070371
4 Replies
3. Post Here to Contact Site Administrators and Moderators
hi
how to disable the useraccount in aix (should not remove). (1 Reply)
Discussion started by: chomca
1 Replies
4. UNIX for Dummies Questions & Answers
Thanks
AVKlinux (3 Replies)
Discussion started by: avklinux
3 Replies
5. Cybersecurity
Please help me identify these user accounts..
bin, lp, nuucp, smbnull, mysql, tftp
Can we remove these user or disable these users?We have to apply the security policy about the user identification.Since it was settup by our vendor long time ago. We do not have these informations about these... (3 Replies)
Discussion started by: rdstkg
3 Replies
6. Red Hat
Hi All,
I want to know is there any way where if i add a user in a centos machine the can be replicated to another centos automatically.
As i have setup DRBD with heartbeat for apache webserver everything is working fine but the only thing im stuck in is about system account for ftp.
Can any... (3 Replies)
Discussion started by: search4u2003
3 Replies
7. Solaris
I want create user. That user should be login to any server without asking password. How? tell me in detail.
:wall: (3 Replies)
Discussion started by: Navkreddy
3 Replies
8. UNIX for Dummies Questions & Answers
Hi - I want to log commands typed by oraapps user with time into some log file on runtime.
HISTTIMEFORMAT="%d/%m/%y %T " works but any one with oraapps user can delete the history.
OS : RHEl 5.6
Any help is appreciated. (5 Replies)
Discussion started by: oraclermanpt
5 Replies
9. HP-UX
I need to check actual date a user was disabled on my HP-UX server.
Audit is claiming the user account was active during the last audit exercise. (7 Replies)
Discussion started by: cyriac_N
7 Replies
LEARN ABOUT REDHAT
lppasswd
lppasswd(1) Easy Software Products lppasswd(1)
NAME
lppasswd - add, change, or delete digest passwords.
SYNOPSIS
lppasswd [ -a ] [ -g groupname ] [ -x ] [ username ]
DESCRIPTION
lppasswd adds, changes, or deletes passwords in the CUPS digest password file, passwd.md5. When run by a normal user, lppasswd will prompt
for the old and new passwords. When run by the super-user, lppasswd can add new accounts (-a username), change existing accounts (user-
name), or delete accounts (-x username) in the digest password file. Digest usernames do not have to match local UNIX usernames, but only
UNIX usernames are supported by the CUPS client programs (lp(1), lpr(1), etc.)
The -g option specifies a group other than the system group - "sys", "system", or "root", depending on the operating system.
SECURITY ISSUES
The lppasswd command is installed setuid to root. While every attempt has been made to make it secure against exploits that could grant
super-user priviledges to unpriviledged users, paranoid system administrators may wish to disable or change the ownership of the program to
an unpriviledged account.
SEE ALSO
lp(1), lpr(1), CUPS Software Administrators Manual, CUPS Software Users Manual, http://localhost:631/documentation.html
COPYRIGHT
Copyright 1993-2002 by Easy Software Products, All Rights Reserved.
7 June 2001 Common UNIX Printing System lppasswd(1)