Login or Register to Ask a Question and Join Our Community


UNIX for Advanced & Expert Users

RBAC: create a user to shut the server

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Top Forums UNIX for Advanced & Expert Users RBAC: create a user to shut the server
# 1  
Old 06-26-2007
RBAC: create a user to shut the server
Hi,

I have created a user to shutdown the server using RBAC.
Here are my steps:
1. roleadd -u 1000 -g 10 -d /home/stopsys -m stopsys
2. passwd stopsys
3. edit /etc/security/prof_attr to include:
Shut:::able to shut the server:
4. modrole -P Shut stopsys
5. useradd -u 1001 -g 10 -d /home/user10 -m -R stopsys -s /bin/ksh user10
6. passwd user10
edit /etc/security/exec_attr to include:
Shut:suser:cmd:::/usr/sbin/shutdown:uid=0

Now, when I login & execute the shutdown cmd, I get this:
/usr/sbin/shutdown: Only root can run /usr/sbin/shutdown

But the relavent files have been updated as follows:
#tail -1 /etc/security/prof_attr
Shut:::Shutdown the Server:

# tail -2 /etc/user_attr
stopsys::::type=role;profiles=Shut
user10::::type=normal;roles=stopsys

# tail -1 /etc/security/exec_attr
Shut:suser:cmd:::/usr/sbin/shutdown:uid=0

Would you be able to find the issue here ?

Thanks in advance.
Chaandana
# 2  
Old 06-26-2007
Hi chaandana,

Sorry if i'm stating the obvious, but it doesn't look like you're su'ing to the stopsys role before trying to shutdown?

login: user10
password:
$ su stopsys
Password:
$ shutdown -y -g0 -i5

Hope this helps,

Craig
# 3  
Old 06-27-2007
Hi Craig,

Means I forgot the obvious. Thanks.

Cheers!
Login or Register to Ask a Question

Previous Thread | Next Thread

9 More Discussions You Might Find Interesting

1. Solaris

Assigning proc_owner privilege to particular user in RBAC

Hi I need to assign proc_owner privilege to particular user through RBAC. How can I assign this privilege to user, I need help on this. Further I need to understand if I give this proc_owner privilege to particular user, what kind of control user will get on other user or system processes... (7 Replies)
Discussion started by: sb200
7 Replies

2. Shell Programming and Scripting

How to scp File from root user in one server to say crt user in another server and avoid password?

Can someone help in writing some script through which I can transfer file (scp) from root user in abc server to crt user in hfg server and can give the crt user password in script itself so that it doesn't prompt me every time for password (4 Replies)
Discussion started by: Moon1234
4 Replies

3. Ubuntu

Any way we can create an SMTP server and use any scripting language to read emails from that server

Is there any way to create an SMTP mail server will all granular permissions to it so that I can read emails which that server receives through any scripting language and also reply from the same server automatically? (3 Replies)
Discussion started by: sandeepcm
3 Replies

4. Homework & Coursework Questions

Create script to add user and create directory

first off let me introduce myself. My name is Eric and I am new to linux, I am taking an advanced linux administration class and we are tasked with creating a script to add new users that anyone can run, has to check for the existence of a directory. if the directory does not exist then it has... (12 Replies)
Discussion started by: pbhound
12 Replies

5. Ubuntu

Create New User with the same group nd privileges of the other user

Hi, Anyone can help me on how to duplicate privileges and group for useroradb01 to userrootdb01. I have currently using "useroradb01" and create a newly user "userrootdb01". I want both in the sames privileges and group. Please see the existing users list below; drwxr-xr-x 53 useroradb01... (0 Replies)
Discussion started by: fspalero
0 Replies

6. Solaris

Directory Server + RBAC on one server

Hello everyone, I have been trying to find a way to setup a directory server working with RBAC on Solaris. I will try to figure out my environment and my concerns. Here we go : - I have Unix servers mostly running Solaris 10 and 9 in my environment. - I have users/user groups that need to... (4 Replies)
Discussion started by: niyazi
4 Replies

7. Solaris

To Shut down the server. Do the Maintainance and Start Up the server

Hello All I just want to know how to Shut Down the Solaris Machines( Servers ) for Maintainance and then Start Up the Machines ( Servers ) . I think I will have to Log In as root to do that . Also how do i Check if all the services running on that server before shut down are running... (6 Replies)
Discussion started by: supercops
6 Replies

8. Linux

Sudo user vs RBAC

Hi all, What the difference between the sudo users & RBAC when the talk of effects after doing the above comes??? any differences between them ,kindly list ?? (1 Reply)
Discussion started by: saurabh84g
1 Replies

9. UNIX for Advanced & Expert Users

Other than root user .Normal user is unable to create files

Hi all, I am using Sun Solaris 9 .In this system normal users unable to create files from the command line.I added these users in bin,adm and even root group i found them unable to create a file. (1 Reply)
Discussion started by: mallesh
1 Replies
Login or Register to Ask a Question