HPE Community
Operating System - HP-UX
1837932 Members
2780 Online
110124 Solutions
New Discussion

Specific commands, arguments and switches in RBAC

 
Yair Zaretski
Occasional Advisor

‎08-08-2006 07:21 PM

‎08-08-2006 07:21 PM

Specific commands, arguments and switches in RBAC

I recently installed Role-Based Access Control on my system, and I’m having problems configuring additional commands to match my specific requirements. For example - I would like to assign an authorization for a role to be able to change ownership with any command swithc of any directory to any user in a specific file system.
What is the command I should specify in "cmd=" when entering the "cmdprivadm add" command?
0 Kudos
Reply
6 REPLIES 6
Chan 007
Honored Contributor

‎08-08-2006 09:53 PM

‎08-08-2006 09:53 PM

Re: Specific commands, arguments and switches in RBAC

Hi,

Please check the link and download the PDF file.

docs.hp.com/en/5991-1821/ch03s05.html

Chan
0 Kudos
Reply
Yair Zaretski
Occasional Advisor

‎08-08-2006 10:21 PM

‎08-08-2006 10:21 PM

Re: Specific commands, arguments and switches in RBAC

Thanks, it helped a bit.
what i need is for a certain user to be able to run the command:
privrun chown USER_NAME DIR_NAME
where user_name could vary and the dir_name could be any directory within one specific file system.
what do i need to enter in the cmdprivadm command?
0 Kudos
Reply
Chan 007
Honored Contributor

‎08-08-2006 11:41 PM

‎08-08-2006 11:41 PM

Re: Specific commands, arguments and switches in RBAC

Hi

To acheive this you have to either set up a role based policy for the users who will perform such operation,

But on a consistency point, you should not allow this feature for changing ownership for many people in a group, if you intend to allow many people to perform such thing then what is the fun of Security.

Also This chown is done once in a life time and not reqularly so you should not give this to all. e.g /data might be supported by DBA's when you setup a OS, you would have given all rights for the DBAs (group) to perform this chown.

Chan
0 Kudos
Reply
Yair Zaretski
Occasional Advisor

‎08-08-2006 11:43 PM

‎08-08-2006 11:43 PM

Re: Specific commands, arguments and switches in RBAC

could you please specify more about role based policy?

thanks
0 Kudos
Reply
Chan 007
Honored Contributor

‎08-09-2006 12:08 AM

‎08-09-2006 12:08 AM

Re: Specific commands, arguments and switches in RBAC

Hi Yair,

Please find this link, this has examples and step by step information what happens

http://www.sun.com/bigadmin/content/submitted/custom_roles_rbac.html

Chan
0 Kudos
Reply
doug hosking
Esteemed Contributor

‎08-10-2006 07:31 AM

‎08-10-2006 07:31 AM

Re: Specific commands, arguments and switches in RBAC

Chan, I believe the question was regarding HP-UX, not Solaris, RBAC. While the high level concepts are similar, the implementations are quite different.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.