AIX

AIX

Connect with fellow AIX users and experts to gain knowledge, share insights, and solve problems.


#Power
#Power
 View Only
Back to discussions
Expand all | Collapse all

Question on rbac command setsecattr command syntax

  • 1.  Question on rbac command setsecattr command syntax

    Posted Fri September 16, 2011 05:41 PM

    Originally posted by: SystemAdmin


    I am setting up a new rbac authorization and role for a command (
    /usr/IBM/HTTPServer/bin/adminctl) that exists in the privileged command
    database already (in PV_PROC_PRIV and PV_DAC_O)

    I need to understand how to use the setsecattr to add this command to
    my authorization named ibm.HTTPServer.admin.adminctl

    Based on what I can see, the command will look something like this:
    1. setsecattr -c innateprivs=PV_PROC_PRIV, PV_DAC_0 accessauths=ibm.
    HTTPServer.admin.adminctl /usr/IBM/HTTPServer/bin/adminctl

    My question is concerning the innateprivs switch.
    Do I need to add both the 2 existing innateprivs (PV_PROC_PRIV and
    PV_DAC_O) to this command or can I leave this part off? Since I am not
    changing this, does this part need to be included in the command? If I
    do not include it in the command, will it remove that part?

    Thank you in advance!
    Jennifer
    #AIX-Forum


Related Content