I'm having some trouble extracting from all the various posts on the Internet on using RBAC to solve a problem.
The issue is, I need to create a profile (I think) that has a specific set of capabilities so that a "user" which has that profile assigned can run those tasks in a script. (It therefore can't be interactive - no password prompts). I'd like it to be very granular - 1. Be able to stop MySQL service, run a backup script and restart the MySQL service 2. Not be able to stop/start other services 3. Not have root-like abilities everywhere in the file system, just copy specific files to specific locations on the local server. When I started looking at this the other day, I was thinking of using sudo with no password for the specific commands and tasks. But people on this list said they think it sounds like a job for RBAC. I think I'm just confused about what to do. If someone can give me some direction on how to get started, I'll work on it from there. For example, I found a profile that will allow the user to start and stop all services, but I can't find how to enable only the one (in my case MySQL) service specifically. Thanks, -- Mark ------------------------------------------- smartos-discuss Archives: https://www.listbox.com/member/archive/184463/=now RSS Feed: https://www.listbox.com/member/archive/rss/184463/25769125-55cfbc00 Modify Your Subscription: https://www.listbox.com/member/?member_id=25769125&id_secret=25769125-7688e9fb Powered by Listbox: http://www.listbox.com
