Quote:
Originally Posted by
samar
Hi,
let me see /etc/user_attr file.
Good luck
so i dont know how u managed that,i suspect that executive attribution has not given correct for your role that it cant execute "shutdown",
but example shown below works 100% :
# useradd -m -d /export/home/testuser testuser
64 blocks
# passwd testuser
New Password:
Re-enter new Password:
passwd: password successfully changed for testuser
# grep testuser /etc/passwd
testuser:x:60004:1::/export/home/testuser:/bin/sh
# roleadd -m -d /export/home/shutdown shutdown
64 blocks
# passwd shutdown
New Password:
Re-enter new Password:
passwd: password successfully changed for shutdown
# grep shutdown /etc/passwd
shutdown:x:60005:1::/export/home/shutdown:/bin/pfsh
# usermod -R shutdown testuser
# grep testuser /etc/user_attr
testuser::::type=normal;roles=shutdown
#echo "SHUTDOWN::
rofile to shutdown:help=shutdown.html" > /etc/security/prof_attr
#rolemod -P SHUTDOWN shutdown
#echo "SHUTDOWN:suser:cmd:::/usr/sbin/shutdown:uid=0" > /etc/security/exec_attr
-----------------------------------------------------
login as: testuser
Using keyboard-interactive authentication.
Password:
Last login: Mon Jul 20 12:36:57 2009 from 10.10.1.231
Sun Microsystems Inc. SunOS 5.10 Generic January 2005
$ su - shutdown
Password:
$ /usr/sbin/shutdown
hutdown started. Mon Jul 20 12:53:22 GET 2009
Broadcast Message from root (pts/2) on gantek4 Mon Jul 20 12:53:22...
The system gantek4 will be shut down in 1 minute
showmount: gantek4: RPC: Program not registered
Broadcast Message from root (pts/2) on gantek4 Mon Jul 20 12:53:52...
The system gantek4 will be shut down in 30 seconds
Good luck