The OpenNET Project / Index page

[ новости /+++ | форум | wiki | теги | ]

Интерактивная система просмотра системных руководств (man-ов)

 ТемаНаборКатегория 
 
 [Cписок руководств | Печать]

profiles (1)
  • >> profiles (1) ( Solaris man: Команды и прикладные программы пользовательского уровня )
  • profiles (1) ( Linux man: Команды и прикладные программы пользовательского уровня )
  •  

    NAME

    profiles - print execution profiles for a user
     
    

    SYNOPSIS

    profiles [-l] [ user ]...
    

     

    DESCRIPTION

    The profiles command prints on standard output the names of the execution profiles that have been assigned to you or to the optionally-specified user or role name. Profiles are a bundling mechanism used to enumerate the commands and authorizations needed to perform a specific function. Along with each listed executable are the process attributes, such as the effective user and group IDs, with which the process runs when started by a privileged command interpreter. The profile shells are pfcsh, pfksh, and pfexec. See the pfexec(1) man page. Profiles can contain other profiles defined in prof_attr(4).

    Multiple profiles can be combined to construct the appropriate access control. When profiles are assigned, the authorizations are added to the existing set. If the same command appears in multiple profiles, the first occurrence, as determined by the ordering of the profiles, is used for process-attribute settings. For convenience, a wild card can be specified to match all commands.

    When profiles are interpreted, the profile list is loaded from user_attr(4). If any default profile is defined in /etc/security/policy.conf (see policy.conf(4)), the list of default profiles are added to the list loaded from user_attr(4). Matching entries in prof_attr(4) provide the authorizations list, and matching entries in exec_attr(4) provide the commands list.  

    OPTIONS

    The following options are supported:

    -l

    Lists the commands in each profile followed by the special process attributes such as user and group IDs.

     

    EXAMPLES

    Example 1 Sample Output

    The output of the profiles command has the following form:

    example% profiles tester01 tester02tester01 : Audit Management, All Commands
    tester02 : Device Management, All Commands
    example%
    

    Example 2 Using the list Option

    example% profiles -l tester01 tester02tester01 :
       Audit Management:
         /usr/sbin/audit          euid=root
         /usr/sbin/auditconfig    euid=root    egid=sys
       All Commands:
         *
    tester02 :
       Device Management:
         /usr/bin/allocate:       euid=root
         /usr/bin/deallocate:     euid=root
       All Commands
         *
    example%
    

     

    EXIT STATUS

    The following exit values are returned:

    0

    Successful completion.

    1

    An error occurred.

     

    FILES

    /etc/security/exec_attr

    /etc/security/prof_attr

    /etc/user_attr

    /etc/security/policy.conf  

    ATTRIBUTES

    See attributes(5) for descriptions of the following attributes:

    ATTRIBUTE TYPEATTRIBUTE VALUE

    AvailabilitySUNWcsu

     

    SEE ALSO

    auths(1), pfexec(1), roles(1), getprofattr(3SECDB), exec_attr(4), policy.conf(4), prof_attr(4), user_attr(4), attributes(5)


     

    Index

    NAME
    SYNOPSIS
    DESCRIPTION
    OPTIONS
    EXAMPLES
    EXIT STATUS
    FILES
    ATTRIBUTES
    SEE ALSO


    Поиск по тексту MAN-ов: 




    Спонсоры:
    PostgresPro
    Inferno Solutions
    Hosting by Hoster.ru
    Хостинг:

    Закладки на сайте
    Проследить за страницей
    Created 1996-2022 by Maxim Chirkov
    Добавить, Поддержать, Вебмастеру