MyWebUniversity.com Home Page
 



OpenSolaris man pages main menu 


User Commands                                            roles(1)



NAME
     roles - print roles granted to a user

SYNOPSIS
     roles [ user ]...


DESCRIPTION
     The command roles prints on standard output the  roles  that
     you  or  the  optionally-specified  user  have been granted.
     Roles are special accounts that correspond to  a  functional
     responsibility  rather than to an actual person (referred to
     as a normal user).


     Each user may have zero or more roles. Roles  have  most  of
     the  attributes of normal users and are identified like nor-
     mal users in passwd(4) and shadow(4). Each role must have an
     entry in the userattr(4) file that identifies it as a role.
     Roles can have their own authorizations  and  profiles.  See
     auths(1) and profiles(1).


     Roles are not allowed to log into  a  system  as  a  primary
     user.  Instead,  a  user  must log in as him- or herself and
     assume the role. The actions of a role are  attributable  to
     the  normal  user.  When  auditing  is  enabled, the audited
     events of the role contain the audit ID of the original user
     who assumed the role.


     A role may not assume itself or any other  role.  Roles  are
     not    hierarchical.    However,    rights   profiles   (see
     profattr(4)) are hierarchical and can be  used  to  achieve
     the same effect as hierarchical roles.


     Roles must have valid passwords and one of the  shells  that
     interprets  profiles:  either  pfcsh,  pfksh,  or  pfsh. See
     pfexec(1).


     Role assumption may be performed using su(1M), rlogin(1), or
     some  other  service  that  supports the PAMRUSER variable.
     Successful assumption requires knowledge of the role's pass-
     word and membership in the role. Role assignments are speci-
     fied in userattr(4).

EXAMPLES
     Example 1 Sample output





SunOS 5.11          Last change: 14 Feb 2001                    1






User Commands                                            roles(1)



     The output of the roles command has the following form:


       example% roles tester01 tester02tester01 : admin
       tester02 : secadmin, root
       example%



EXIT STATUS
     The following exit values are returned:

     0     Successful completion.


     1     An error occurred.


FILES
     /etc/userattr


     /etc/security/authattr


     /etc/security/profattr

ATRIBUTES
     See attributes(5) for descriptions of the  following  attri-
     butes:



     
           ATRIBUTE TYPE               ATRIBUTE VALUE       
    
     Availability                 SUNWcsu                     
    


SEE ALSO
     auths(1),   pfexec(1),   profiles(1),   rlogin(1),   su(1M),
     getauusernam(3BSM),  authattr(4),  passwd(4), profattr(4),
     shadow(4), userattr(4), attributes(5)











SunOS 5.11          Last change: 14 Feb 2001                    2
OpenSolaris man pages main menu
Contact us      |       About us      |       Term of use      |       Copyright © 2000-2010 MyWebUniversity.com ™