HPE Community
Operating System - HP-UX
1832095 Members
3085 Online
110038 Solutions
New Discussion

Role Based Access Control

 
Jesus Tobon
New Member

‎11-02-2001 10:39 AM

‎11-02-2001 10:39 AM

Role Based Access Control

In Sun Solaris there is a way to create root equivalents. This can be done using Role Based Access Control (RBAC). I'm trying to set up a user in HP-UX with a kind of group administrator role (In order to change attributes to files and directories, and other small things). There is any RBAC thing in HP-UX?
Or there is any other way to accomplish this task???
Jesus Tobon
0 Kudos
Reply
7 REPLIES 7
Patrick Wallek
Honored Contributor

‎11-02-2001 10:45 AM

‎11-02-2001 10:45 AM

Re: Role Based Access Control

Nope, No Role Based stuff in HP-UX. As far as I know, that is purely a Solaris 8 thing.

The closest thing I can think of is set up sudo (free) or PowerBroker ($$$$ from Symark) so that the various users can do what they need to do without actually logging in as root.
0 Kudos
Reply
Bernie Vande Griend
Respected Contributor

‎11-02-2001 10:51 AM

‎11-02-2001 10:51 AM

Re: Role Based Access Control

HP has nothing built in to do this.

Sudo is an freeware option.
Symark's PowerBroker is a pretty decent way to do this as it doesn't change the kernel in order to operate.
Computer Associate's has a product called Access Control which also does this exact thing. It is not cheap though and does integrate with the kernel. In fact, that product even allows you to change the access for the root user itself.
Ye who thinks he has a lot to say, probably shouldn't.
0 Kudos
Reply
Sanjay_6
Honored Contributor

‎11-02-2001 10:52 AM

‎11-02-2001 10:52 AM

Re: Role Based Access Control

Hi,

Like Patrick said, you can use sudo or powerbroker. If you only want the user to change file permissions and such. add the user to all the group of users for whom you want to allow this capability.

Am i making sense.

hope this helps.

Regds
0 Kudos
Reply
harry d brown jr
Honored Contributor

‎11-02-2001 11:31 AM

‎11-02-2001 11:31 AM

Re: Role Based Access Control


Write a perl script. It insures you give them what they need while protecting your system.

live free or die
harry
Live Free or Die
0 Kudos
Reply
Michael Tully
Honored Contributor

‎11-02-2001 11:39 AM

‎11-02-2001 11:39 AM

Re: Role Based Access Control

Hi,

Your best bet is get 'sudo' which the best
part of it is that is free. It is really
simple to use and setup.

http://hpux.connect.org.uk/hppd/hpux/Sysadmin/sudo-1.6.2b1/

Or you can get the source code from

www.courtesan.com/sudo

HTH
-Michael
Anyone for a Mutiny ?
0 Kudos
Reply
harry d brown jr
Honored Contributor

‎11-02-2001 11:52 AM

‎11-02-2001 11:52 AM

Re: Role Based Access Control

Or you can get brave and turn on ACL's. But you'll hpux 11 or greater, with jfs 3.3.

live free or die
harry
Live Free or Die
0 Kudos
Reply
Edward Finneran
Advisor

‎12-19-2002 06:53 AM

‎12-19-2002 06:53 AM

Re: Role Based Access Control

or, if the function you're trying to delegate is one provided by sam, you can use sam functions to allow a designated set of non-root users access to that specific function or functions only via sam.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.