tfadmin(1M) tfadmin(1M)
NAME
tfadmin - invoke a command, regulating privilege based on TFM
database information
SYNOPSIS
tfadmin [role:] cmd [args]
tfadmin -t [role:] cmd[:priv[:priv. . .]]
DESCRIPTION
The tfadmin command invokes a command at the request of an
administrative user. If the TFM database allows the user to use
privileges with that command, tfadmin places exactly those
allowed privileges in the maximum and working privilege sets of
the process before invoking the command; the command receives no
other privileges.
role is a role name defined in the administrative database for
Trusted Facility Management.
cmd can be either a command defined in the TFM database or it
can be the full pathname of a command. The executable file
associated with cmd will be executed only if the user has been
defined as an administrator and has access to cmd.
If cmd is a full pathname, the last component of the pathname
(the basename) is searched for in the TFM database. If role was
specified, the search is limited to the definition for that
role. If not, each role assigned to the user is searched, in the
order in which the roles were assigned to the user (see
adminuser(1M)). Finally, the individual commands assigned to the
user outside any role are searched.
If neither cmd nor its basename exists in the user's definition,
tfadmin issues an error and exits with a non-zero status. If the
path recorded for cmd in the administrative database is not
equal to the full pathname specified for cmd, tfadmin issues a
diagnostic message.
args are a set of command arguments to be passed to the
program indicated by cmd.
priv is the name of a process privilege. (See intro(2) for a
complete list of process privileges.)
Copyright 1994 Novell, Inc. Page 1
With the -t option, a privilege vector consisting of one or more
privilege names separated by colons (for example, macread:mount)
may be appended to the role-command pair, separated from it by a
colon (for example, SSA:mount:macread:mount). This privilege
list is meaningful only with -t: it names the privileges to test,
and tfadmin reports whether the invoking user could execute the
given command with those privileges.
The tfadmin command takes the following options:
-t Test whether the user can invoke the given command with
the (optionally) given privileges. Do not execute the
command.
No options
Execute the specified command for the invoking user
taking the definition from the role argument (if
supplied). If the role does not exist in that user's
role list, print a message and fail.
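The lookup order above (explicit role, then the user's roles in assignment order, then individually assigned commands) and the -t test (every requested privilege must be one the database allows for that user, role and command) are modelled in the following Python, added here as an illustration. It is not Novell's tfadmin code. The TFM database contents are constructed, the rule for deciding whether a leading component is a role name is an assumption (the page does not say how role:cmd is told apart from cmd:priv), and treating a path mismatch as a non-fatal diagnostic that falls back to the database path is likewise an assumption.

```python
# Added example: a model of tfadmin's lookup order and -t privilege test,
# written for this page. Not Novell's tfadmin code; database contents,
# the role/command disambiguation rule and the path-mismatch handling
# are assumptions.
import posixpath
from dataclasses import dataclass, field

# Constructed TFM database: role -> command name -> (full path, allowed privileges).
TFM_ROLES = {
    "OP":  {"mount": ("/usr/sbin/mount", {"mount"}),
            "shutdown": ("/sbin/shutdown", set())},
    "SSA": {"mount": ("/sbin/mount", {"macread", "mount"}),
            "fsck": ("/sbin/fsck", {"mount"})},
    "AUD": {"auditlog": ("/usr/sbin/auditlog", {"macread"})},
}
# Constructed user definitions: roles in the order assigned with adminuser(1M),
# plus commands assigned to the user outside any role.
TFM_USERS = {
    "alice": {"roles": ["OP", "SSA"],
              "commands": {"backup": ("/usr/sbin/backup", {"macread"})}},
}
# Hypothetical subset of the process privilege names listed in intro(2).
KNOWN_PRIVS = {"macread", "macwrite", "mount", "owner", "setuid"}


@dataclass
class Outcome:
    status: int                                # 0 allowed / would exec, 1 denied or error
    path: str = ""                             # program that would be exec'd
    privs: set = field(default_factory=set)    # privileges put in max and working sets
    messages: list = field(default_factory=list)


def parse_spec(spec):
    """Split 'role:cmd:priv:priv...' into (role, cmd, [privs]).
    Assumption: the first component is a role only if it names a defined role."""
    parts = spec.split(":")
    role = parts.pop(0) if len(parts) > 1 and parts[0] in TFM_ROLES else None
    return role, parts[0], parts[1:]


def lookup(user, role, cmd):
    """Resolve cmd in the documented order: the named role; else each of the
    user's roles in assignment order; else the user's individual commands.
    Returns ((path, allowed_privs) or None, [diagnostic messages])."""
    udef = TFM_USERS.get(user)
    if udef is None:
        return None, ["user not allowed"]
    name = posixpath.basename(cmd) if cmd.startswith("/") else cmd
    entry = None
    if role is not None:
        if role not in udef["roles"]:
            return None, ["user not allowed"]   # page says only "print a message and fail"
        entry = TFM_ROLES.get(role, {}).get(name)
    else:
        for r in udef["roles"]:
            entry = TFM_ROLES.get(r, {}).get(name)
            if entry:
                break
        if entry is None:
            entry = udef["commands"].get(name)
    if entry is None:
        return None, ["undefined command name ``%s''" % cmd]
    msgs = []
    if cmd.startswith("/") and cmd != entry[0]:
        # The page says a diagnostic is issued; treating it as non-fatal is an assumption.
        msgs.append("path ``%s'' differs from database path ``%s''" % (cmd, entry[0]))
    return entry, msgs


def tfadmin(user, spec, test=False):
    """Model one invocation: 'tfadmin spec' or, with test=True, 'tfadmin -t spec'."""
    role, cmd, privs = parse_spec(spec)
    entry, msgs = lookup(user, role, cmd)
    out = Outcome(status=1, messages=msgs)
    if entry is None:
        return out
    path, allowed = entry
    if test:
        bad = [p for p in privs if p not in KNOWN_PRIVS]
        if bad:
            out.messages.append("invalid process privilege: ``%s''" % bad[0])
            return out
        out.status = 0 if set(privs) <= allowed else 1   # every requested priv must be allowed
        return out
    # Execute mode: the command gets exactly the database's allowed privileges,
    # never a caller-chosen set; any privilege list in spec is ignored here.
    out.status, out.path, out.privs = 0, path, set(allowed)
    return out
```

Note that with no role given, alice's "mount" resolves to the OP definition because OP was assigned first, even though SSA would grant more privileges; naming the role (SSA:mount) is the only way to select the other definition. The -t test answers only whether the requested privileges are a subset of what the database allows; it never widens the set the command would actually run with.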
REFERENCES
adminuser(1M), adminrole(1M), intro(2)
DIAGNOSTICS
If the requested operation succeeds, tfadmin executes the
command and therefore does not return; the exit status seen by
the caller is whatever the invoked command exits with. If the -t
option is used and the requested privileges would have been
granted to the invoking user for the requested command within
the requested role, tfadmin exits with 0. If the -t option was
specified and tfadmin would have denied the request, tfadmin
exits with 1. If the operation fails for any reason, tfadmin
exits with 1 and issues a diagnostic message.
The following diagnostic messages are printed by tfadmin:
cannot execute program file: ``path''
undefined command name ``cmd''
user not allowed
cannot set up maximum privilege set
full path to TFM database must be specified
TFM database does not exist
improper command name: ``string''
invalid process privilege: ``string''
unrecognized privilege number: ``number''