Are you able to specify a the profile you want to use in pfexec?

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Posted by jigjig on Server Fault See other posts from Server Fault or by jigjig
Published on 2010-06-09T22:55:26Z Indexed on 2010/06/09 23:02 UTC
Read the original article Hit count: 202

Filed under:
|

Are you able to specify which profile you want to use for a given user when using pfexec who has been assigned multiple profiles?

One example for this use is so that we can execute a command as a different user within the same process. In exec_attr, you are able to specify the uid/gid that will be used to execute a particular command as in the following example entry:

Name Service Security:suser:cmd:::/usr/sbin/rpc.nsid:uid=0;gid=0

The above profile will use the super user (uid=0) to execute the rpc.nsid command.

In user_attr, you can specify multiple profiles as below: testuser::::type=normal;profiles=Name Service Security,Object Access Management

Can you then specify directly to use the Object Access Management profile to pfexec?

© Server Fault or respective owner

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Related posts about opensolaris

Related posts about rbac

Categories cloud

.NET ASP.NET iphone linux python Windows mysql android sql windows-7 html c ruby-on-rails css objective-c ubuntu networking sql-server wpf asp.net-mvc ruby database Xml apache AJAX osx security regex django Performance 12.04 windows-xp mac web-development iphone-sdk vb.net Silverlight apache2 flash server perl best-practices email installation eclipse visual-studio algorithm windows-server-2008 winforms wcf firefox bash dns /Oracle