topic Re: RBAC - Solution in Operating System - HP-UX

RBAC - Solution

Joao Rei — Tue, 22 Feb 2011 10:45:43 GMT

Hi,

I'm trying to find a solution for the following requirement.

- The User needs to execute all root commands except change the password.

Does anyone have an ideia how to deal with command negations in RBAC?

Regards,

Joao Rei

Re: RBAC - Solution

Hakki Aydin Ucar — Tue, 22 Feb 2011 11:18:38 GMT

I am not user RBAC will be able to restrict only one command while all commands will be unrestricted to this user.
http://h71028.www7.hp.com/hpux11i/downloads/hpux11i_rbac.pdf

Maybe you can try sudo OR restricted users with SAM ;
# sam â r

Re: RBAC - Solution

Joao Rei — Tue, 22 Feb 2011 12:45:00 GMT

Thank you for your answer.

I've already have sudo running. But now I'm migrating to RBAC.
Under sudo I can restrict commands.

If I assign the Admin role to a user he can do anything, but I want to restric some commands.

Regards,

Joao Rei