Mercurial > illumos > illumos-gate
annotate usr/src/lib/libsecdb/exec_attr.txt @ 13025:3c7681e3e323
PSARC 2010/059 SNAP BE Management
6964804 SNAP BE management into ON
6971379 libbe should capture and give useful error when installgrub or ict.py fails.
6971390 beadm does not support labeled brand zones
6971394 BEADM_ERR_BE_DOES_NOT_EXIST has an extra space
6971397 libbe error messages need internationalization
6971402 Remove be_get_last_zone_be_callback
6971409 be_create_menu returns errors from both be_errno_t and errno sets
| author | Glenn Lagasse <glenn.lagasse@oracle.com> |
|---|---|
| date | Wed, 04 Aug 2010 12:28:19 -0700 |
| parents | 32a41a5f8110 |
| children | 8f28cf08bb11 |
| rev | line source |
|---|---|
|
12239
7954df8328c0
6928457 MMS end of feature (fix CDDL, fix packaging)
Paul Cheng <Paul.Cheng@Sun.COM>
parents:
12206
diff
changeset
|
1 # |
|
7954df8328c0
6928457 MMS end of feature (fix CDDL, fix packaging)
Paul Cheng <Paul.Cheng@Sun.COM>
parents:
12206
diff
changeset
|
2 # CDDL HEADER START |
|
7954df8328c0
6928457 MMS end of feature (fix CDDL, fix packaging)
Paul Cheng <Paul.Cheng@Sun.COM>
parents:
12206
diff
changeset
|
3 # |
|
7954df8328c0
6928457 MMS end of feature (fix CDDL, fix packaging)
Paul Cheng <Paul.Cheng@Sun.COM>
parents:
12206
diff
changeset
|
4 # The contents of this file are subject to the terms of the |
|
7954df8328c0
6928457 MMS end of feature (fix CDDL, fix packaging)
Paul Cheng <Paul.Cheng@Sun.COM>
parents:
12206
diff
changeset
|
5 # Common Development and Distribution License (the "License"). |
|
7954df8328c0
6928457 MMS end of feature (fix CDDL, fix packaging)
Paul Cheng <Paul.Cheng@Sun.COM>
parents:
12206
diff
changeset
|
6 # You may not use this file except in compliance with the License. |
|
7954df8328c0
6928457 MMS end of feature (fix CDDL, fix packaging)
Paul Cheng <Paul.Cheng@Sun.COM>
parents:
12206
diff
changeset
|
7 # |
|
7954df8328c0
6928457 MMS end of feature (fix CDDL, fix packaging)
Paul Cheng <Paul.Cheng@Sun.COM>
parents:
12206
diff
changeset
|
8 # You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE |
|
7954df8328c0
6928457 MMS end of feature (fix CDDL, fix packaging)
Paul Cheng <Paul.Cheng@Sun.COM>
parents:
12206
diff
changeset
|
9 # or http://www.opensolaris.org/os/licensing. |
|
7954df8328c0
6928457 MMS end of feature (fix CDDL, fix packaging)
Paul Cheng <Paul.Cheng@Sun.COM>
parents:
12206
diff
changeset
|
10 # See the License for the specific language governing permissions |
|
7954df8328c0
6928457 MMS end of feature (fix CDDL, fix packaging)
Paul Cheng <Paul.Cheng@Sun.COM>
parents:
12206
diff
changeset
|
11 # and limitations under the License. |
|
7954df8328c0
6928457 MMS end of feature (fix CDDL, fix packaging)
Paul Cheng <Paul.Cheng@Sun.COM>
parents:
12206
diff
changeset
|
12 # |
|
7954df8328c0
6928457 MMS end of feature (fix CDDL, fix packaging)
Paul Cheng <Paul.Cheng@Sun.COM>
parents:
12206
diff
changeset
|
13 # When distributing Covered Code, include this CDDL HEADER in each |
|
7954df8328c0
6928457 MMS end of feature (fix CDDL, fix packaging)
Paul Cheng <Paul.Cheng@Sun.COM>
parents:
12206
diff
changeset
|
14 # file and include the License file at usr/src/OPENSOLARIS.LICENSE. |
|
7954df8328c0
6928457 MMS end of feature (fix CDDL, fix packaging)
Paul Cheng <Paul.Cheng@Sun.COM>
parents:
12206
diff
changeset
|
15 # If applicable, add the following below this CDDL HEADER, with the |
|
7954df8328c0
6928457 MMS end of feature (fix CDDL, fix packaging)
Paul Cheng <Paul.Cheng@Sun.COM>
parents:
12206
diff
changeset
|
16 # fields enclosed by brackets "[]" replaced with your own identifying |
|
7954df8328c0
6928457 MMS end of feature (fix CDDL, fix packaging)
Paul Cheng <Paul.Cheng@Sun.COM>
parents:
12206
diff
changeset
|
17 # information: Portions Copyright [yyyy] [name of copyright owner] |
|
7954df8328c0
6928457 MMS end of feature (fix CDDL, fix packaging)
Paul Cheng <Paul.Cheng@Sun.COM>
parents:
12206
diff
changeset
|
18 # |
|
7954df8328c0
6928457 MMS end of feature (fix CDDL, fix packaging)
Paul Cheng <Paul.Cheng@Sun.COM>
parents:
12206
diff
changeset
|
19 # CDDL HEADER END |
|
7954df8328c0
6928457 MMS end of feature (fix CDDL, fix packaging)
Paul Cheng <Paul.Cheng@Sun.COM>
parents:
12206
diff
changeset
|
20 # |
|
7954df8328c0
6928457 MMS end of feature (fix CDDL, fix packaging)
Paul Cheng <Paul.Cheng@Sun.COM>
parents:
12206
diff
changeset
|
21 |
|
12206
96c3e6ae396d
PSARC/2010/064 EOF of MMS - Media Management System
Paul Cheng <Paul.Cheng@Sun.COM>
parents:
12019
diff
changeset
|
22 # Copyright (c) 1999, 2010, Oracle and/or its affiliates. All rights reserved. |
|
3999
666384b31577
6222297 lpsched and lpshut should be corrected/removed from exec_attr
jacobs
parents:
3781
diff
changeset
|
23 # |
| 0 | 24 # /etc/security/exec_attr |
| 25 # | |
| 26 # execution attributes for profiles. see exec_attr(4) | |
| 27 # | |
| 28 # | |
| 29 All:suser:cmd:::*: | |
|
12930
32a41a5f8110
PSARC/2009/636 Obsolete getacinfo(3bsm)
Jan Friedel <Jan.Friedel@Sun.COM>
parents:
12896
diff
changeset
|
30 Audit Control:solaris:cmd:::/usr/sbin/audit:privs=proc_owner,sys_audit |
|
32a41a5f8110
PSARC/2009/636 Obsolete getacinfo(3bsm)
Jan Friedel <Jan.Friedel@Sun.COM>
parents:
12896
diff
changeset
|
31 Audit Configuration:solaris:::/usr/sbin/auditconfig:privs=sys_audit |
|
32a41a5f8110
PSARC/2009/636 Obsolete getacinfo(3bsm)
Jan Friedel <Jan.Friedel@Sun.COM>
parents:
12896
diff
changeset
|
32 Audit Review:solaris:cmd:::/usr/sbin/auditreduce:euid=0 |
|
32a41a5f8110
PSARC/2009/636 Obsolete getacinfo(3bsm)
Jan Friedel <Jan.Friedel@Sun.COM>
parents:
12896
diff
changeset
|
33 Audit Review:solaris:cmd:::/usr/sbin/auditstat:privs=proc_audit |
|
32a41a5f8110
PSARC/2009/636 Obsolete getacinfo(3bsm)
Jan Friedel <Jan.Friedel@Sun.COM>
parents:
12896
diff
changeset
|
34 Audit Review:solaris:cmd:::/usr/sbin/praudit:privs=file_dac_read |
| 0 | 35 Contract Observer:solaris:cmd:::/usr/bin/ctwatch:\ |
| 36 privs=contract_event,contract_observer | |
| 37 Cron Management:suser:cmd:::/usr/bin/crontab:euid=0 | |
| 38 Crypto Management:suser:cmd:::/usr/sbin/cryptoadm:euid=0 | |
| 3501 | 39 Crypto Management:suser:cmd:::/usr/bin/kmfcfg:euid=0 |
| 0 | 40 Crypto Management:suser:cmd:::/usr/sfw/bin/openssl:euid=0 |
| 41 Crypto Management:suser:cmd:::/usr/sfw/bin/CA.pl:euid=0 | |
| 42 DHCP Management:suser:cmd:::/usr/lib/inet/dhcp/svcadm/dhcpconfig:uid=0 | |
| 43 DHCP Management:suser:cmd:::/usr/lib/inet/dhcp/svcadm/dhtadm:uid=0 | |
| 44 DHCP Management:suser:cmd:::/usr/lib/inet/dhcp/svcadm/pntadm:uid=0 | |
| 45 Device Management:suser:cmd:::/usr/sbin/allocate:uid=0 | |
| 46 Device Management:suser:cmd:::/usr/sbin/add_drv:uid=0 | |
| 47 Device Management:suser:cmd:::/usr/sbin/deallocate:uid=0 | |
| 48 Device Management:suser:cmd:::/usr/sbin/rem_drv:uid=0 | |
| 49 Device Management:suser:cmd:::/usr/sbin/update_drv:uid=0 | |
| 50 Device Security:suser:cmd:::/usr/sbin/add_drv:uid=0 | |
| 51 Device Security:suser:cmd:::/usr/sbin/devfsadm:uid=0 | |
| 52 Device Security:suser:cmd:::/usr/sbin/eeprom:uid=0 | |
| 53 Device Security:solaris:cmd:::/usr/bin/kbd:uid=0;gid=sys | |
| 54 Device Security:suser:cmd:::/usr/sbin/list_devices:euid=0 | |
| 55 Device Security:suser:cmd:::/usr/sbin/rem_drv:uid=0 | |
| 56 Device Security:suser:cmd:::/usr/sbin/strace:euid=0 | |
| 57 Device Security:suser:cmd:::/usr/sbin/update_drv:uid=0 | |
|
4746
0bc0c48f4304
PSARC 2007/254 - Enabling method for Trusted Extensions
rica
parents:
4581
diff
changeset
|
58 Device Security:suser:cmd:::/usr/sbin/add_allocatable:euid=0 |
|
0bc0c48f4304
PSARC 2007/254 - Enabling method for Trusted Extensions
rica
parents:
4581
diff
changeset
|
59 Device Security:suser:cmd:::/usr/sbin/remove_allocatable:euid=0 |
| 0 | 60 FTP Management:suser:cmd:::/usr/sbin/ftpaddhost:uid=0 |
| 61 FTP Management:suser:cmd:::/usr/sbin/ftpconfig:uid=0 | |
| 62 FTP Management:suser:cmd:::/usr/sbin/ftprestart:euid=0 | |
| 63 FTP Management:suser:cmd:::/usr/sbin/ftpshut:euid=0;egid=sys | |
| 64 FTP Management:suser:cmd:::/usr/sbin/privatepw:uid=0;egid=sys | |
| 65 File System Management:solaris:cmd:::/sbin/mount:privs=sys_mount | |
| 66 File System Management:solaris:cmd:::/sbin/umount:privs=sys_mount | |
| 67 File System Management:suser:cmd:::/usr/bin/eject:euid=0 | |
| 68 File System Management:suser:cmd:::/usr/bin/mkdir:euid=0 | |
| 69 File System Management:suser:cmd:::/usr/bin/rmdir:euid=0 | |
| 70 File System Management:suser:cmd:::/usr/lib/autofs/automountd:euid=0 | |
| 71 File System Management:suser:cmd:::/usr/lib/fs/autofs/automount:euid=0 | |
| 72 File System Management:suser:cmd:::/usr/lib/fs/nfs/showmount:euid=0 | |
| 73 File System Management:suser:cmd:::/usr/lib/fs/ufs/fsirand:euid=0 | |
| 74 File System Management:suser:cmd:::/usr/lib/fs/ufs/newfs:euid=0 | |
| 75 File System Management:suser:cmd:::/usr/lib/fs/ufs/tunefs:uid=0 | |
| 76 File System Management:suser:cmd:::/usr/sbin/clri:euid=0 | |
| 77 File System Management:suser:cmd:::/usr/sbin/devinfo:euid=0 | |
| 78 File System Management:suser:cmd:::/usr/sbin/dfmounts:euid=0 | |
| 79 File System Management:suser:cmd:::/usr/sbin/dfshares:euid=0 | |
| 80 File System Management:suser:cmd:::/usr/sbin/ff:euid=0 | |
| 81 File System Management:suser:cmd:::/usr/sbin/format:euid=0 | |
| 82 File System Management:suser:cmd:::/usr/sbin/fsck:euid=0 | |
| 83 File System Management:suser:cmd:::/usr/sbin/fsdb:euid=0 | |
| 84 File System Management:suser:cmd:::/usr/sbin/fstyp:euid=0 | |
| 85 File System Management:suser:cmd:::/usr/sbin/fuser:euid=0 | |
|
9552
8d9ff54ba154
6464916 "/etc/security/exec_attr" contains incorrect policy and typos
Ritwik Ghoshal <Ritwik.Ghoshal@Sun.COM>
parents:
9537
diff
changeset
|
86 File System Management:solaris:cmd:::/usr/sbin/iscsiadm:euid=0;privs=basic |
| 0 | 87 File System Management:suser:cmd:::/usr/sbin/mkfile:euid=0 |
| 88 File System Management:suser:cmd:::/usr/sbin/mkfs:euid=0 | |
| 89 File System Management:suser:cmd:::/usr/sbin/mount:uid=0 | |
| 90 File System Management:suser:cmd:::/usr/sbin/mountall:uid=0 | |
|
7836
4e95154b5b7a
6745433 Merge NWS consolidation into OS/Net consolidation
John Forte <John.Forte@Sun.COM>
parents:
7734
diff
changeset
|
91 File System Management:solaris:cmd:::/usr/sbin/mpathadm:privs=sys_devices |
| 0 | 92 File System Management:solaris:cmd:::/usr/sbin/quotacheck:uid=0;gid=sys |
| 93 File System Management:solaris:cmd:::/usr/sbin/quotaoff:uid=0;gid=sys | |
| 94 File System Management:solaris:cmd:::/usr/sbin/quotaon:uid=0;gid=sys | |
| 3457 | 95 File System Management:solaris:cmd:::/usr/sbin/raidctl:privs=sys_config,sys_devices;euid=0 |
| 0 | 96 File System Management:suser:cmd:::/usr/sbin/ramdiskadm:euid=0 |
|
10652
9d0aff74d6fd
PSARC/2008/687 T11 Storage Management HBA API(SM-HBA)
Hyon Kim <Hyon.Kim@Sun.COM>
parents:
9552
diff
changeset
|
97 File System Management:solaris:cmd:::/usr/sbin/sasinfo:privs=sys_devices |
|
7836
4e95154b5b7a
6745433 Merge NWS consolidation into OS/Net consolidation
John Forte <John.Forte@Sun.COM>
parents:
7734
diff
changeset
|
98 File System Management:solaris:cmd:::/usr/sbin/sbdadm:privs=sys_devices |
| 0 | 99 File System Management:suser:cmd:::/usr/sbin/share:uid=0;gid=root |
| 3034 | 100 File System Management:suser:cmd:::/usr/sbin/sharemgr:uid=0;gid=root |
| 0 | 101 File System Management:suser:cmd:::/usr/sbin/shareall:uid=0;gid=root |
|
7836
4e95154b5b7a
6745433 Merge NWS consolidation into OS/Net consolidation
John Forte <John.Forte@Sun.COM>
parents:
7734
diff
changeset
|
102 File System Management:solaris:cmd:::/usr/sbin/stmfadm:privs=sys_devices |
| 0 | 103 File System Management:suser:cmd:::/usr/sbin/swap:euid=0 |
| 104 File System Management:suser:cmd:::/usr/sbin/umount:uid=0 | |
| 105 File System Management:suser:cmd:::/usr/sbin/umountall:uid=0 | |
| 106 File System Management:suser:cmd:::/usr/sbin/unshare:uid=0;gid=root | |
| 107 File System Management:suser:cmd:::/usr/sbin/unshareall:uid=0;gid=root | |
|
12273
63678502e95e
PSARC 2009/377 In-kernel pfexec implementation.
Casper H.S. Dik <Casper.Dik@Sun.COM>
parents:
12239
diff
changeset
|
108 Forced Privilege:solaris:cmd:::/usr/bin/newtask:\ |
|
63678502e95e
PSARC 2009/377 In-kernel pfexec implementation.
Casper H.S. Dik <Casper.Dik@Sun.COM>
parents:
12239
diff
changeset
|
109 privs=proc_taskid,sys_resource,sys_res_config,proc_priocntl |
|
63678502e95e
PSARC 2009/377 In-kernel pfexec implementation.
Casper H.S. Dik <Casper.Dik@Sun.COM>
parents:
12239
diff
changeset
|
110 Forced Privilege:solaris:cmd:::/usr/bin/rcp:privs=net_privaddr |
|
63678502e95e
PSARC 2009/377 In-kernel pfexec implementation.
Casper H.S. Dik <Casper.Dik@Sun.COM>
parents:
12239
diff
changeset
|
111 Forced Privilege:solaris:cmd:::/usr/bin/rdist:privs=net_privaddr |
|
63678502e95e
PSARC 2009/377 In-kernel pfexec implementation.
Casper H.S. Dik <Casper.Dik@Sun.COM>
parents:
12239
diff
changeset
|
112 Forced Privilege:solaris:cmd:::/usr/bin/rlogin:privs=net_privaddr |
|
63678502e95e
PSARC 2009/377 In-kernel pfexec implementation.
Casper H.S. Dik <Casper.Dik@Sun.COM>
parents:
12239
diff
changeset
|
113 Forced Privilege:solaris:cmd:::/usr/bin/rmformat:\ |
|
63678502e95e
PSARC 2009/377 In-kernel pfexec implementation.
Casper H.S. Dik <Casper.Dik@Sun.COM>
parents:
12239
diff
changeset
|
114 privs=file_dac_read,file_dac_write,proc_fork,proc_exec,sys_mount,sys_devices |
|
63678502e95e
PSARC 2009/377 In-kernel pfexec implementation.
Casper H.S. Dik <Casper.Dik@Sun.COM>
parents:
12239
diff
changeset
|
115 Forced Privilege:solaris:cmd:::/usr/bin/rsh:privs=net_privaddr |
|
63678502e95e
PSARC 2009/377 In-kernel pfexec implementation.
Casper H.S. Dik <Casper.Dik@Sun.COM>
parents:
12239
diff
changeset
|
116 Forced Privilege:solaris:cmd:::/usr/bin/w:privs=proc_owner |
|
63678502e95e
PSARC 2009/377 In-kernel pfexec implementation.
Casper H.S. Dik <Casper.Dik@Sun.COM>
parents:
12239
diff
changeset
|
117 Forced Privilege:solaris:cmd:::/usr/lib/fs/ufs/quota:privs=file_dac_read |
|
63678502e95e
PSARC 2009/377 In-kernel pfexec implementation.
Casper H.S. Dik <Casper.Dik@Sun.COM>
parents:
12239
diff
changeset
|
118 Forced Privilege:solaris:cmd:::/usr/lib/fs/ufs/ufsdump:privs=net_privaddr |
|
63678502e95e
PSARC 2009/377 In-kernel pfexec implementation.
Casper H.S. Dik <Casper.Dik@Sun.COM>
parents:
12239
diff
changeset
|
119 Forced Privilege:solaris:cmd:::/usr/lib/fs/ufs/ufsrestore:privs=net_privaddr |
|
63678502e95e
PSARC 2009/377 In-kernel pfexec implementation.
Casper H.S. Dik <Casper.Dik@Sun.COM>
parents:
12239
diff
changeset
|
120 Forced Privilege:solaris:cmd:::/usr/sbin/ping:\ |
|
63678502e95e
PSARC 2009/377 In-kernel pfexec implementation.
Casper H.S. Dik <Casper.Dik@Sun.COM>
parents:
12239
diff
changeset
|
121 privs=net_icmpaccess,sys_ip_config |
|
63678502e95e
PSARC 2009/377 In-kernel pfexec implementation.
Casper H.S. Dik <Casper.Dik@Sun.COM>
parents:
12239
diff
changeset
|
122 Forced Privilege:solaris:cmd:::/usr/sbin/traceroute:\ |
|
63678502e95e
PSARC 2009/377 In-kernel pfexec implementation.
Casper H.S. Dik <Casper.Dik@Sun.COM>
parents:
12239
diff
changeset
|
123 privs=net_icmpaccess,net_rawaccess |
|
63678502e95e
PSARC 2009/377 In-kernel pfexec implementation.
Casper H.S. Dik <Casper.Dik@Sun.COM>
parents:
12239
diff
changeset
|
124 Forced Privilege:solaris:cmd:::/usr/sbin/whodo:privs=proc_owner |
|
63678502e95e
PSARC 2009/377 In-kernel pfexec implementation.
Casper H.S. Dik <Casper.Dik@Sun.COM>
parents:
12239
diff
changeset
|
125 Forced Privilege:solaris:cmd:::/usr/lib/fs/smbfs/mount:privs=sys_mount |
|
63678502e95e
PSARC 2009/377 In-kernel pfexec implementation.
Casper H.S. Dik <Casper.Dik@Sun.COM>
parents:
12239
diff
changeset
|
126 Forced Privilege:solaris:cmd:::/usr/lib/fs/smbfs/umount:privs=sys_mount |
| 3448 | 127 IP Filter Management:solaris:cmd:::/usr/sbin/ipf:privs=sys_ip_config |
| 128 IP Filter Management:solaris:cmd:::/usr/sbin/ipfs:privs=sys_ip_config | |
| 129 IP Filter Management:solaris:cmd:::/usr/sbin/ipmon:privs=sys_ip_config | |
| 130 IP Filter Management:solaris:cmd:::/usr/sbin/ipfstat:privs=sys_ip_config;gid=sys | |
| 131 IP Filter Management:solaris:cmd:::/usr/sbin/ipnat:privs=sys_ip_config;gid=sys | |
| 132 IP Filter Management:solaris:cmd:::/usr/sbin/ippool:privs=sys_ip_config;gid=sys | |
| 0 | 133 Kerberos Server Management:solaris:cmd:::/usr/lib/krb5/krb5kdc:uid=0 |
| 134 Kerberos Server Management:solaris:cmd:::/usr/lib/krb5/kadmind:uid=0 | |
| 135 Kerberos Server Management:solaris:cmd:::/usr/lib/krb5/kprop:euid=0;privs=none | |
| 136 Kerberos Server Management:solaris:cmd:::/usr/sbin/kadmin.local:euid=0;privs=none | |
| 137 Kerberos Server Management:solaris:cmd:::/usr/sbin/kdb5_util:euid=0;privs=none | |
|
4960
a4746a82a247
PSARC/2006/277 Support for Kerberos Records in LDAP Directory
willf
parents:
4746
diff
changeset
|
138 Kerberos Server Management:solaris:cmd:::/usr/sbin/kdb5_ldap_util:euid=0;privs=none |
| 5086 | 139 Kerberos Server Management:solaris:cmd:::/usr/sbin/kdcmgr:euid=0;privs=none |
| 0 | 140 Kerberos Client Management:solaris:cmd:::/usr/bin/klist:euid=0;privs=file_dac_read |
| 141 Kerberos Client Management:solaris:cmd:::/usr/sbin/kadmin:euid=0;privs=none | |
| 142 Kerberos Client Management:solaris:cmd:::/usr/sbin/kclient:euid=0;privs=none | |
| 143 Log Management:suser:cmd:::/usr/sbin/logadm:euid=0 | |
| 144 Mail Management:suser:cmd:::/usr/lib/sendmail:uid=0 | |
| 145 Mail Management:suser:cmd:::/usr/sbin/editmap:euid=0 | |
| 146 Mail Management:suser:cmd:::/usr/sbin/makemap:euid=0 | |
| 147 Mail Management:suser:cmd:::/usr/sbin/newaliases:euid=0 | |
| 148 Maintenance and Repair:solaris:cmd:::/usr/bin/mdb:privs=all | |
| 149 Maintenance and Repair:suser:cmd:::/usr/bin/mdb:euid=0 | |
|
7734
c46e039795b8
6751138 libc's lint library is missing definition for __assert_c99
David Powell <David.Powell@sun.com>
parents:
7577
diff
changeset
|
150 Maintenance and Repair:solaris:cmd:::/usr/bin/coreadm:euid=0;privs=proc_owner |
| 0 | 151 Maintenance and Repair:suser:cmd:::/usr/bin/date:euid=0 |
| 152 Maintenance and Repair:suser:cmd:::/usr/bin/ldd:euid=0 | |
| 153 Maintenance and Repair:suser:cmd:::/usr/bin/vmstat:euid=0 | |
| 154 Maintenance and Repair:suser:cmd:::/usr/sbin/eeprom:euid=0 | |
| 155 Maintenance and Repair:suser:cmd:::/usr/sbin/halt:euid=0 | |
|
2115
a40e8f141552
6351677 bootadm should allow certain sub-commands to be run by non-root users
vikram
parents:
1583
diff
changeset
|
156 Maintenance and Repair:suser:cmd:::/sbin/init:uid=0 |
|
9537
587ddeb721a7
6788312 Array overrun in pci_tools
Erwin T Tsaur <Erwin.Tsaur@Sun.COM>
parents:
9298
diff
changeset
|
157 Maintenance and Repair:solaris:cmd:::/usr/sbin/pcitool:privs=all |
| 0 | 158 Maintenance and Repair:suser:cmd:::/usr/sbin/poweroff:uid=0 |
| 159 Maintenance and Repair:suser:cmd:::/usr/sbin/prtconf:euid=0 | |
| 160 Maintenance and Repair:suser:cmd:::/usr/sbin/reboot:uid=0 | |
| 161 Maintenance and Repair:suser:cmd:::/usr/sbin/syslogd:euid=0 | |
|
862
12c6677a0383
6315667 bootadm complains when running init under pfexec
vikram
parents:
789
diff
changeset
|
162 Maintenance and Repair:suser:cmd:::/sbin/bootadm:euid=0 |
| 4581 | 163 Maintenance and Repair:solaris:cmd:::/usr/sbin/ucodeadm:privs=all |
| 0 | 164 Media Backup:suser:cmd:::/usr/bin/mt:euid=0 |
| 165 Media Backup:suser:cmd:::/usr/lib/fs/ufs/ufsdump:euid=0;gid=sys | |
| 166 Media Backup:suser:cmd:::/usr/sbin/tar:euid=0 | |
|
9298
5ecf9483b3ec
6436517 bart needs to be large files aware to support ZFS roots greater than 2TB
William Young <William.Young@Sun.COM>
parents:
8275
diff
changeset
|
167 Media Catalog:solaris:cmd:::/usr/bin/bart:\ |
|
5ecf9483b3ec
6436517 bart needs to be large files aware to support ZFS roots greater than 2TB
William Young <William.Young@Sun.COM>
parents:
8275
diff
changeset
|
168 privs=file_dac_read,file_dac_search |
| 0 | 169 Media Restore:suser:cmd:::/usr/bin/cpio:euid=0 |
| 170 Media Restore:suser:cmd:::/usr/bin/mt:euid=0 | |
| 171 Media Restore:suser:cmd:::/usr/lib/fs/ufs/ufsrestore:euid=0 | |
| 172 Media Restore:suser:cmd:::/usr/sbin/tar:euid=0 | |
| 173 Name Service Management:suser:cmd:::/usr/sbin/nscd:euid=0 | |
| 174 Name Service Security:suser:cmd:::/usr/bin/chkey:euid=0 | |
| 175 Name Service Security:suser:cmd:::/usr/sbin/ldapclient:uid=0 | |
| 176 Name Service Security:suser:cmd:::/usr/sbin/newkey:euid=0 | |
| 177 Network Management:solaris:cmd:::/sbin/ifconfig:uid=0 | |
| 3448 | 178 Network Management:solaris:cmd:::/sbin/route:privs=sys_ip_config |
| 0 | 179 Network Management:solaris:cmd:::/sbin/routeadm:euid=0;\ |
| 3448 | 180 privs=proc_chroot,proc_owner,sys_ip_config |
|
11767
8f30d0e611c6
PSARC/2008/532 NWAM Phase 1
Anurag S. Maskey <Anurag.Maskey@Sun.COM>
parents:
11262
diff
changeset
|
181 Network Management:solaris:cmd:::/sbin/dladm:euid=dladm;egid=netadm;\ |
|
7408
eff7960d93cd
PSARC 2008/473 Fine-Grained Privileges for Datalink Administration
Sebastien Roy <Sebastien.Roy@Sun.COM>
parents:
7103
diff
changeset
|
182 privs=sys_dl_config,net_rawaccess,proc_audit |
|
11878
ac93462db6d7
PSARC/2009/364 dlstat and flowstat
Venugopal Iyer <Venu.Iyer@Sun.COM>
parents:
11876
diff
changeset
|
183 Network Management:solaris:cmd:::/sbin/dlstat:euid=dladm;egid=sys; |
|
ac93462db6d7
PSARC/2009/364 dlstat and flowstat
Venugopal Iyer <Venu.Iyer@Sun.COM>
parents:
11876
diff
changeset
|
184 Network Management:solaris:cmd:::/sbin/flowadm:euid=dladm;egid=sys;\ |
|
8275
7c223a798022
PSARC/2006/357 Crossbow - Network Virtualization and Resource Management
Eric Cheng
parents:
8023
diff
changeset
|
185 privs=sys_dl_config,net_rawaccess,proc_audit |
|
11878
ac93462db6d7
PSARC/2009/364 dlstat and flowstat
Venugopal Iyer <Venu.Iyer@Sun.COM>
parents:
11876
diff
changeset
|
186 Network Management:solaris:cmd:::/sbin/flowstat:euid=dladm;egid=sys; |
|
12016
0248e987199b
PSARC 2009/306 Brussels II - ipadm and libipadm
Girish Moodalbail <Girish.Moodalbail@Sun.COM>
parents:
11878
diff
changeset
|
187 Network Management:solaris:cmd:::/sbin/ipadm:euid=netadm;egid=netadm;\ |
|
0248e987199b
PSARC 2009/306 Brussels II - ipadm and libipadm
Girish Moodalbail <Girish.Moodalbail@Sun.COM>
parents:
11878
diff
changeset
|
188 privs=sys_ip_config,net_rawaccess |
| 0 | 189 Network Management:suser:cmd:::/usr/bin/netstat:uid=0 |
| 190 Network Management:suser:cmd:::/usr/bin/rup:euid=0 | |
| 191 Network Management:suser:cmd:::/usr/bin/ruptime:euid=0 | |
| 192 Network Management:suser:cmd:::/usr/bin/setuname:euid=0 | |
| 193 Network Management:suser:cmd:::/usr/sbin/asppp2pppd:euid=0 | |
| 194 Network Management:suser:cmd:::/usr/sbin/ifconfig:uid=0 | |
| 195 Network Management:suser:cmd:::/usr/sbin/ipaddrsel:euid=0 | |
| 196 Network Management:suser:cmd:::/usr/sbin/ipqosconf:euid=0 | |
| 197 Network Management:suser:cmd:::/usr/sbin/rndc:privs=file_dac_read | |
| 198 Network Management:suser:cmd:::/usr/sbin/route:uid=0 | |
| 199 Network Management:suser:cmd:::/usr/sbin/snoop:uid=0 | |
|
8023
faf256d5c16c
PSARC/2006/475 Clearview: IP Observability Devices
Philip Kirk <Phil.Kirk@Sun.COM>
parents:
7836
diff
changeset
|
200 Network Management:solaris:cmd:::/usr/sbin/snoop:privs=net_observability |
| 0 | 201 Network Management:suser:cmd:::/usr/sbin/spray:euid=0 |
|
8023
faf256d5c16c
PSARC/2006/475 Clearview: IP Observability Devices
Philip Kirk <Phil.Kirk@Sun.COM>
parents:
7836
diff
changeset
|
202 Network Observability:solaris:cmd:::/usr/sbin/snoop:privs=net_observability |
| 3147 | 203 Network Link Security:solaris:cmd:::/sbin/dladm:euid=dladm;egid=sys;\ |
|
7408
eff7960d93cd
PSARC 2008/473 Fine-Grained Privileges for Datalink Administration
Sebastien Roy <Sebastien.Roy@Sun.COM>
parents:
7103
diff
changeset
|
204 privs=sys_dl_config,net_rawaccess,proc_audit |
|
11878
ac93462db6d7
PSARC/2009/364 dlstat and flowstat
Venugopal Iyer <Venu.Iyer@Sun.COM>
parents:
11876
diff
changeset
|
205 Network Link Security:solaris:cmd:::/sbin/dlstat:euid=dladm;egid=sys; |
|
4465
9a4c9f167839
6560798 Network IPsec Management profile should be refined
pwernau
parents:
4235
diff
changeset
|
206 Network IPsec Management:solaris:cmd:::/usr/lib/inet/certdb:euid=0;privs=none |
|
9a4c9f167839
6560798 Network IPsec Management profile should be refined
pwernau
parents:
4235
diff
changeset
|
207 Network IPsec Management:solaris:cmd:::/usr/lib/inet/certlocal:euid=0;privs=none |
|
9a4c9f167839
6560798 Network IPsec Management profile should be refined
pwernau
parents:
4235
diff
changeset
|
208 Network IPsec Management:solaris:cmd:::/usr/lib/inet/certrldb:euid=0;privs=none |
|
4235
037e335b7d68
PSARC 2007/200 - Dedicated SMF services for IPsec/IKE
markfen
parents:
3999
diff
changeset
|
209 Network IPsec Management:solaris:cmd:::/usr/lib/inet/in.iked:euid=0 |
|
4465
9a4c9f167839
6560798 Network IPsec Management profile should be refined
pwernau
parents:
4235
diff
changeset
|
210 Network IPsec Management:solaris:cmd:::/usr/sbin/ikeadm:euid=0;privs=file_dac_write |
|
9a4c9f167839
6560798 Network IPsec Management profile should be refined
pwernau
parents:
4235
diff
changeset
|
211 Network IPsec Management:solaris:cmd:::/usr/sbin/ikecert:euid=0;privs=none |
|
9a4c9f167839
6560798 Network IPsec Management profile should be refined
pwernau
parents:
4235
diff
changeset
|
212 Network IPsec Management:solaris:cmd:::/usr/sbin/ipsecconf:euid=0;privs=sys_ip_config |
|
9a4c9f167839
6560798 Network IPsec Management profile should be refined
pwernau
parents:
4235
diff
changeset
|
213 Network IPsec Management:solaris:cmd:::/usr/sbin/ipseckey:uid=0;privs=sys_ip_config |
|
4235
037e335b7d68
PSARC 2007/200 - Dedicated SMF services for IPsec/IKE
markfen
parents:
3999
diff
changeset
|
214 Network IPsec Management:solaris:cmd:::/usr/sbin/ipsecalgs:privs=sys_ip_config |
|
037e335b7d68
PSARC 2007/200 - Dedicated SMF services for IPsec/IKE
markfen
parents:
3999
diff
changeset
|
215 Network IPsec Management:suser:cmd:::/usr/lib/inet/certdb:euid=0 |
|
037e335b7d68
PSARC 2007/200 - Dedicated SMF services for IPsec/IKE
markfen
parents:
3999
diff
changeset
|
216 Network IPsec Management:suser:cmd:::/usr/lib/inet/certlocal:euid=0 |
|
037e335b7d68
PSARC 2007/200 - Dedicated SMF services for IPsec/IKE
markfen
parents:
3999
diff
changeset
|
217 Network IPsec Management:suser:cmd:::/usr/lib/inet/certrldb:euid=0 |
|
037e335b7d68
PSARC 2007/200 - Dedicated SMF services for IPsec/IKE
markfen
parents:
3999
diff
changeset
|
218 Network IPsec Management:suser:cmd:::/usr/lib/inet/in.iked:euid=0 |
|
037e335b7d68
PSARC 2007/200 - Dedicated SMF services for IPsec/IKE
markfen
parents:
3999
diff
changeset
|
219 Network IPsec Management:suser:cmd:::/usr/sbin/ikeadm:euid=0 |
|
037e335b7d68
PSARC 2007/200 - Dedicated SMF services for IPsec/IKE
markfen
parents:
3999
diff
changeset
|
220 Network IPsec Management:suser:cmd:::/usr/sbin/ikecert:euid=0 |
|
037e335b7d68
PSARC 2007/200 - Dedicated SMF services for IPsec/IKE
markfen
parents:
3999
diff
changeset
|
221 Network IPsec Management:suser:cmd:::/usr/sbin/ipsecconf:euid=0 |
|
037e335b7d68
PSARC 2007/200 - Dedicated SMF services for IPsec/IKE
markfen
parents:
3999
diff
changeset
|
222 Network IPsec Management:suser:cmd:::/usr/sbin/ipseckey:uid=0 |
|
037e335b7d68
PSARC 2007/200 - Dedicated SMF services for IPsec/IKE
markfen
parents:
3999
diff
changeset
|
223 Network IPsec Management:suser:cmd:::/usr/sbin/ipsecalgs:euid=0 |
| 898 | 224 Network Security:solaris:cmd:::/usr/sbin/ksslcfg:euid=0 |
| 0 | 225 Network Security:suser:cmd:::/usr/bin/ssh-keygen:uid=0;gid=sys |
| 226 Object Access Management:solaris:cmd:::/usr/bin/chgrp:privs=file_chown | |
| 227 Object Access Management:solaris:cmd:::/usr/bin/chmod:privs=file_owner | |
| 228 Object Access Management:solaris:cmd:::/usr/bin/chown:privs=file_chown | |
| 229 Object Access Management:solaris:cmd:::/usr/bin/setfacl:privs=file_owner | |
| 230 Object Access Management:suser:cmd:::/usr/bin/chgrp:euid=0 | |
| 231 Object Access Management:suser:cmd:::/usr/bin/chmod:euid=0 | |
| 232 Object Access Management:suser:cmd:::/usr/bin/chown:euid=0 | |
| 233 Object Access Management:suser:cmd:::/usr/bin/getfacl:euid=0 | |
| 234 Object Access Management:suser:cmd:::/usr/bin/setfacl:euid=0 | |
|
11838
32bb5d254240
PSARC 2010/067 Interim modernization updates
Liane Praza <Liane.Praza@Sun.COM>
parents:
11767
diff
changeset
|
235 Primary Administrator:solaris:cmd:::*:uid=0;gid=0 |
|
3999
666384b31577
6222297 lpsched and lpshut should be corrected/removed from exec_attr
jacobs
parents:
3781
diff
changeset
|
236 Printer Management:suser:cmd:::/usr/lib/lp/local/lpadmin:uid=lp;gid=lp |
| 0 | 237 Printer Management:suser:cmd:::/usr/sbin/lpfilter:euid=lp;uid=lp |
| 238 Printer Management:suser:cmd:::/usr/sbin/lpforms:euid=lp | |
| 239 Printer Management:suser:cmd:::/usr/sbin/lpusers:euid=lp | |
| 3781 | 240 Printer Management:suser:cmd:::/usr/sbin/ppdmgr:euid=0 |
| 0 | 241 Process Management:solaris:cmd:::/usr/bin/kill:privs=proc_owner |
| 242 Process Management:solaris:cmd:::/usr/bin/nice:privs=proc_owner,proc_priocntl | |
| 243 Process Management:solaris:cmd:::/usr/bin/pcred:privs=proc_owner | |
| 244 Process Management:solaris:cmd:::/usr/bin/pfiles:privs=proc_owner | |
| 245 Process Management:solaris:cmd:::/usr/bin/pflags:privs=proc_owner | |
| 246 Process Management:solaris:cmd:::/usr/bin/ppriv:privs=proc_owner | |
| 247 Process Management:solaris:cmd:::/usr/bin/renice:privs=proc_owner,proc_priocntl | |
| 248 Process Management:suser:cmd:::/usr/bin/crontab:euid=0 | |
| 249 Process Management:suser:cmd:::/usr/bin/kill:euid=0 | |
| 250 Process Management:suser:cmd:::/usr/bin/nice:euid=0 | |
| 251 Process Management:suser:cmd:::/usr/bin/pcred:euid=0 | |
| 252 Process Management:suser:cmd:::/usr/bin/pfiles:euid=0 | |
| 253 Process Management:suser:cmd:::/usr/bin/pflags:euid=0 | |
| 254 Process Management:suser:cmd:::/usr/bin/pldd:euid=0 | |
| 255 Process Management:suser:cmd:::/usr/bin/pmap:euid=0 | |
| 256 Process Management:suser:cmd:::/usr/bin/prun:euid=0 | |
| 257 Process Management:suser:cmd:::/usr/bin/ps:euid=0 | |
| 258 Process Management:suser:cmd:::/usr/bin/psig:euid=0 | |
| 259 Process Management:suser:cmd:::/usr/bin/pstack:euid=0 | |
| 260 Process Management:suser:cmd:::/usr/bin/pstop:euid=0 | |
| 261 Process Management:suser:cmd:::/usr/bin/ptime:euid=0 | |
| 262 Process Management:suser:cmd:::/usr/bin/ptree:euid=0 | |
| 263 Process Management:suser:cmd:::/usr/bin/pwait:euid=0 | |
| 264 Process Management:suser:cmd:::/usr/bin/pwdx:euid=0 | |
| 265 Process Management:suser:cmd:::/usr/bin/renice:euid=0 | |
| 266 Process Management:suser:cmd:::/usr/bin/truss:euid=0 | |
| 267 Process Management:suser:cmd:::/usr/sbin/fuser:euid=0 | |
| 268 Process Management:solaris:cmd:::/usr/sbin/rcapadm:uid=0 | |
| 269 Project Management:solaris:cmd:::/usr/sbin/projadd:euid=0 | |
| 270 Project Management:solaris:cmd:::/usr/sbin/projmod:euid=0 | |
| 271 Project Management:solaris:cmd:::/usr/sbin/projdel:euid=0 | |
|
13025
3c7681e3e323
PSARC 2010/059 SNAP BE Management
Glenn Lagasse <glenn.lagasse@oracle.com>
parents:
12930
diff
changeset
|
272 Software Installation:suser:cmd:::/sbin/beadm:uid=0;gid=bin |
| 0 | 273 Software Installation:suser:cmd:::/usr/bin/ln:euid=0 |
| 274 Software Installation:suser:cmd:::/usr/bin/pkginfo:uid=0 | |
| 275 Software Installation:suser:cmd:::/usr/bin/pkgmk:uid=0 | |
| 276 Software Installation:suser:cmd:::/usr/bin/pkgparam:uid=0 | |
| 277 Software Installation:suser:cmd:::/usr/bin/pkgproto:uid=0 | |
| 278 Software Installation:suser:cmd:::/usr/bin/pkgtrans:uid=0 | |
| 279 Software Installation:suser:cmd:::/usr/ccs/bin/make:euid=0 | |
| 280 Software Installation:suser:cmd:::/usr/sbin/install:euid=0 | |
| 281 Software Installation:suser:cmd:::/usr/sbin/pkgadd:uid=0;gid=bin | |
| 282 Software Installation:suser:cmd:::/usr/sbin/pkgask:uid=0 | |
| 283 Software Installation:suser:cmd:::/usr/sbin/pkgchk:uid=0 | |
| 284 Software Installation:suser:cmd:::/usr/sbin/pkgrm:uid=0;gid=bin | |
| 285 System Event Management:suser:cmd:::/usr/sbin/syseventadm:uid=0 | |
| 286 User Management:suser:cmd:::/usr/sbin/grpck:euid=0 | |
| 287 User Management:suser:cmd:::/usr/sbin/pwck:euid=0 | |
|
11064
51207b1af901
6234679 useradd, usermod, userdel fails when run by a user that has the "User Management" profile assigned.
Casper H.S. Dik <Casper.Dik@Sun.COM>
parents:
10652
diff
changeset
|
288 User Management:solaris:cmd:::/usr/sbin/useradd:uid=0 |
|
51207b1af901
6234679 useradd, usermod, userdel fails when run by a user that has the "User Management" profile assigned.
Casper H.S. Dik <Casper.Dik@Sun.COM>
parents:
10652
diff
changeset
|
289 User Management:solaris:cmd:::/usr/sbin/userdel:uid=0 |
|
51207b1af901
6234679 useradd, usermod, userdel fails when run by a user that has the "User Management" profile assigned.
Casper H.S. Dik <Casper.Dik@Sun.COM>
parents:
10652
diff
changeset
|
290 User Management:solaris:cmd:::/usr/sbin/usermod:uid=0 |
|
51207b1af901
6234679 useradd, usermod, userdel fails when run by a user that has the "User Management" profile assigned.
Casper H.S. Dik <Casper.Dik@Sun.COM>
parents:
10652
diff
changeset
|
291 User Management:solaris:cmd:::/usr/sbin/roleadd:uid=0 |
|
51207b1af901
6234679 useradd, usermod, userdel fails when run by a user that has the "User Management" profile assigned.
Casper H.S. Dik <Casper.Dik@Sun.COM>
parents:
10652
diff
changeset
|
292 User Management:solaris:cmd:::/usr/sbin/roledel:uid=0 |
|
51207b1af901
6234679 useradd, usermod, userdel fails when run by a user that has the "User Management" profile assigned.
Casper H.S. Dik <Casper.Dik@Sun.COM>
parents:
10652
diff
changeset
|
293 User Management:solaris:cmd:::/usr/sbin/rolemod:uid=0 |
| 0 | 294 User Management:solaris:cmd:::/usr/sbin/groupadd:uid=0 |
| 295 User Management:solaris:cmd:::/usr/sbin/groupdel:uid=0 | |
| 296 User Management:solaris:cmd:::/usr/sbin/groupmod:uid=0 | |
| 297 User Security:suser:cmd:::/usr/bin/passwd:uid=0 | |
| 298 User Security:suser:cmd:::/usr/sbin/pwck:euid=0 | |
| 299 User Security:suser:cmd:::/usr/sbin/pwconv:euid=0 | |
| 300 DAT Administration:solaris:cmd:::/usr/sbin/datadm:euid=0 | |
| 996 | 301 ZFS File System Management:solaris:cmd:::/sbin/zfs:euid=0 |
| 302 ZFS Storage Management:solaris:cmd:::/sbin/zpool:uid=0 | |
|
1583
f5bab1129c55
6395964 availdevs should be included in ZFS execution profile
talley
parents:
996
diff
changeset
|
303 ZFS Storage Management:solaris:cmd:::/usr/lib/zfs/availdevs:uid=0 |
|
12578
f9062c43c8bc
4963290 RFE: implement flexible zone administration that doesn't require uid=0
Glenn Faden <Glenn.Faden@Sun.COM>
parents:
12273
diff
changeset
|
304 Zone Security:solaris:cmd:::/usr/sbin/txzonemgr:uid=0 |
|
f9062c43c8bc
4963290 RFE: implement flexible zone administration that doesn't require uid=0
Glenn Faden <Glenn.Faden@Sun.COM>
parents:
12273
diff
changeset
|
305 Zone Security:solaris:cmd:::/usr/sbin/zonecfg:uid=0 |
|
f9062c43c8bc
4963290 RFE: implement flexible zone administration that doesn't require uid=0
Glenn Faden <Glenn.Faden@Sun.COM>
parents:
12273
diff
changeset
|
306 Zone Management:solaris:cmd:::/usr/sbin/zoneadm:euid=0 |
|
f9062c43c8bc
4963290 RFE: implement flexible zone administration that doesn't require uid=0
Glenn Faden <Glenn.Faden@Sun.COM>
parents:
12273
diff
changeset
|
307 Zone Management:solaris:cmd:::/usr/sbin/zlogin:euid=0 |
|
7103
3cde99325878
PSARC 2008/087 Extended Accounting Conversion to SMF
ml93401
parents:
6278
diff
changeset
|
308 acctadm:solaris:cmd:::/usr/sbin/acctadm:euid=0;egid=0;privs=sys_acct,file_dac_write |