adminrole(1M) adminrole(1M)
NAME
adminrole - display, add, change, delete roles in the TFM database
SYNOPSIS
adminrole [-n] [-a [cmd:path[:priv[:priv . . .]][,. . .]] role . . .
adminrole [-a [cmd:path[:priv[:priv . . .]][, . . .]] role . . .
          [-r cmd[:priv[:priv . . .]][, . . .]] role . . .
adminrole [-d] role . . .
adminrole
DESCRIPTION
The adminrole command allows administrators to display, add,
change, and delete roles in the Trusted Facility Management
database. The TFM database is the vehicle through which
unprivileged user processes run privileged commands.
A role contains a list of commands. Each command contains a
(possibly empty) list of privileges. The tfadmin command will
use these privileges to set up its process before it invokes
this command for a member of the role. The adminrole command
has the following options:
-n   For every role in the list, create a new role description.
-a   Add a command to a role; the role is added to the database if it does not already exist.
-r   Remove a command from a role, or remove privileges from a command within a role.
-d   Delete a role.
No options
     List the contents of the specified roles.
No arguments
     List the contents of all roles in the database.
The adminrole command takes as its arguments the list of roles to which the actions specified by the options apply. The argument to the -a or -r option is a comma-separated list of command descriptions. For the -a option, the command description includes the name of the command to be added, the full path at which the command file resides, and the privilege set, represented by a colon-separated list of privilege names (for example, mount:/etc/mount:macread:mount). There is no limit on the length of the path name; however, / ("root" or "slash") alone may not be specified.
Copyright 1994 Novell, Inc. Page 1
The command description for the -r option is the same as for
the -a option except that the full path and the separating
colon are not given (for example, mount:macread:mount).
If users in the specified role(s) get no privilege when they
invoke the command, the privilege description may be omitted;
that is, if the definition to be removed does not have any
privileges associated with it (it merely provides an alias for
the command), then you do not have to specify privileges when
removing that definition.
Note that in any case when you use the -r option and you do
not specify privileges, the definition is removed entirely
from that role. Future attempts to use that command in that
role with tfadmin will return errors. If you do specify
privileges, then only those privileges are removed from the
definition. This can leave you with a definition that has no
privilege associated with it. In this case, users in that role
can run the command with tfadmin, but will gain no privileges
by doing so. The command will function solely as an alias for
the path provided in the definition.
The -n and -r options may not be used together. Doing so will
cause an error, since incompatible options have been
specified.
If the -d option is used in an attempt to delete a non-existent role, an error will result.
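As an added example that is not part of the man page or of Novell's adminrole code, the following Python models the command-description syntax and the -a / -r behaviour described above. The `db` dict standing in for the TFM database, the function names, and the exact condition under which each listed diagnostic is raised are assumptions.

```python
# Added illustration, not Novell's adminrole source: models the -a / -r
# description syntax and removal rules from adminrole(1M). `db` is a dict
# standing in for the TFM database; which diagnostic fires is assumed.

class AdminroleError(Exception):
    """Raised with one of the diagnostic messages adminrole(1M) lists."""

def parse_add_description(desc):
    """-a form: 'cmd:path[:priv[:priv...]]' -> (cmd, path, [privs])."""
    fields = desc.split(":")
    if len(fields) < 2 or not fields[0]:
        raise AdminroleError("insufficient command specification: ``%s''" % desc)
    cmd, path, privs = fields[0], fields[1], fields[2:]
    if not path.startswith("/") or path == "/":   # full path, never "/" alone
        raise AdminroleError("full command pathname must be specified")
    if len(set(privs)) != len(privs):
        dup = next(p for p in privs if privs.count(p) > 1)
        raise AdminroleError("duplicate process privilege: ``%s''" % dup)
    return cmd, path, privs

def add_commands(db, role, desc_list):
    """-a: add each comma-separated description; create the role if needed."""
    role_cmds = db.setdefault(role, {})
    for desc in desc_list.split(","):
        cmd, path, privs = parse_add_description(desc)
        if cmd in role_cmds:
            raise AdminroleError("command name ``%s'' already exists" % cmd)
        role_cmds[cmd] = {"path": path, "privs": privs}
    return db

def remove_commands(db, role, desc_list):
    """-r form is 'cmd[:priv[:priv...]]' (no path): naming no privileges
    removes the whole definition, naming some strips only those."""
    if role not in db:
        raise AdminroleError("undefined role name ``%s''" % role)
    for desc in desc_list.split(","):
        cmd, *privs = desc.split(":")
        entry = db[role].get(cmd)
        if entry is None:
            raise AdminroleError("undefined command name ``%s''" % cmd)
        if not privs:
            del db[role][cmd]          # definition gone; tfadmin will now error
            continue
        for p in privs:
            if p not in entry["privs"]:
                raise AdminroleError("process privilege ``%s'' does not exist "
                                     "in command ``%s''" % (p, cmd))
            entry["privs"].remove(p)   # may leave an alias with no privileges
    return db
```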
REFERENCES
adminuser(1M), intro(2), tfadmin(1M)
DIAGNOSTICS
This command exits with 0 if all requested operations succeeded, and with 1 if any operation failed.
The following diagnostic messages are printed by adminrole:
command name ``cmd'' already exists
role name ``role'' already exists
undefined role name ``role''
process privilege ``priv'' does not exist in command ``cmd''
insufficient command specification: ``string''
full command pathname must be specified
duplicate process privilege: ``priv''
cannot add role ``role''
cannot alter role ``role''
role ``role'' currently being changed, try again later
cannot remove role ``role''
cannot change command ``cmd''
full path to TFM database must be specified
undefined command name ``cmd''
TFM database does not exist
cannot initialize TFM database
improper command name: ``string''
invalid process privilege: ``string''
unrecognized privilege number: ``number''
incompatible options specified