Download your favorite Linux distribution at LQ ISO.
Go Back > Forums > Other *NIX Forums > Solaris / OpenSolaris
User Name
Solaris / OpenSolaris This forum is for the discussion of Solaris, OpenSolaris, OpenIndiana, and illumos.
General Sun, SunOS and Sparc related questions also go here. Any Solaris fork or distribution is welcome.


  Search this Thread
Old 10-13-2008, 05:00 AM   #1
Registered: Jun 2008
Posts: 31

Rep: Reputation: 15
if you want to assign some tasks to specific user


To assign the rights to specific User In Solaris

Role-based access control (RBAC) is an alternative to the all-or-nothing superuser model. RBAC uses the security principle of least privilege. No user should be given more privilege than necessary for performing the user's job. RBAC makes it possible for an organization to separate superusers' capabilities and assign these capabilities to specific users or to special user accounts that are called roles. Roles can be assigned to specific individuals, according to their job needs

you have already user in your system named dell
you want to assign some administration tasks to del to do

1) you must make profile in this example the profile named is useradmin
# vi /etc/security/prof_attr
then you will write at the end of the file

then at this file /etc/security/exec_attr you will assign the command what you want this user (dell) to do


when you add role it's like useradd you will found the role name at /etc/passwd

Create role:-
# roleadd -c "User Administration" -g "Primary Group" -md /export/home/username -s /user/bin/pfksh -P "useracc" username

-c if you want to add comment
-g if you want to add this role to primary group
-md to create the home directory for the role (it's like useradd home directory for the user)
-s to assign shell for user (this is like ksh we use but it is special for this command becouse it is check the rights you given to the user)
-P capital P to assign the profile

# passwd username
# usermod -R username dell
-R to assign role to existing user

i hope this explain help you

Last edited by dellroxy; 10-14-2008 at 09:45 AM. Reason: jlliagre correction my thread
Old 10-13-2008, 06:23 AM   #2
Registered: Feb 2004
Location: Outside Paris
Distribution: Solaris 11.3, Oracle Linux, Mint
Posts: 9,707

Rep: Reputation: 416Reputation: 416Reputation: 416Reputation: 416Reputation: 416
Originally Posted by dellroxy View Post
-c if you want to add command
That should be comment, not command.
-g if you want to add this role to primary command
That should be group, not command.
-s to assign bash for user (this is like shell we use but it is special for this command becouse it is check the rights you given to the user)
Not bash but ksh. There is no rbac aware bash available.
if you need more than this help contact me direct with my email
Why are you asking for off line follow up instead of sharing with everyone ?
Old 10-14-2008, 09:47 AM   #3
Registered: Jun 2008
Posts: 31

Original Poster
Rep: Reputation: 15
thanks jlliagre for your effort helping my to correct my thread written mistake

and for off line follow up i didn't this meaning totally

i hope that my articl be good

Last edited by dellroxy; 10-14-2008 at 09:48 AM.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
How can I assign a webcam to a specific /dev/video#? windisch Linux - Hardware 5 09-25-2008 07:37 PM
DHCP Assign ip to specific MAC address gfem Linux - Networking 2 08-02-2007 02:58 PM
assign new data partition to specific users wycolorado Linux - Newbie 2 01-01-2005 09:53 PM
How do you assign a process to a specific processor? ter_roshak Linux - General 1 12-19-2003 12:38 AM
Assign Privs to specific user sikandar Linux - Software 13 08-31-2003 02:12 AM > Forums > Other *NIX Forums > Solaris / OpenSolaris

All times are GMT -5. The time now is 10:46 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration