Vikash Tulsiyan wrote, On 08/17/09 04:57:
> I am writing a script that allows any user(with appropriate permissions) to
> install packages and start/stop some services on opensolaris. As far as i
> know only Primary Administrator has the priviledge to perform these task. Is
> my understanding correct or any other role allows similar privilege?
>
Look in "/etc/security/prof_attr" and you will see a comprehensive set
of as shipped with the OS profiles that can be used if you want to limit
access to specific tasks. You can also create custom ones.
Also check out /etc/security/auth_attr plus a Google search on
"Solaris RBAC" is useful.
> Also whats the best way to find out if a given user has a particular role or
> not. Say in my script if i am looking if a particular user have Primary
> Administrator role or not. Is
> [i]profiles {USER} | grep -i Primary Administrator[/i]
> a good check or is there a better way?
>
That is what I would use
