Mercurial > illumos > illumos-gate
view usr/src/lib/libsecdb/exec_attr.txt @ 13025:3c7681e3e323
PSARC 2010/059 SNAP BE Management
6964804 SNAP BE management into ON
6971379 libbe should capture and give useful error when installgrub or ict.py fails.
6971390 beadm does not support labeled brand zones
6971394 BEADM_ERR_BE_DOES_NOT_EXIST has an extra space
6971397 libbe error messages need internationalization
6971402 Remove be_get_last_zone_be_callback
6971409 be_create_menu returns errors from both be_errno_t and errno sets
| author | Glenn Lagasse <glenn.lagasse@oracle.com> |
|---|---|
| date | Wed, 04 Aug 2010 12:28:19 -0700 |
| parents | 32a41a5f8110 |
| children | 8f28cf08bb11 |
line wrap: on
line source
# # CDDL HEADER START # # The contents of this file are subject to the terms of the # Common Development and Distribution License (the "License"). # You may not use this file except in compliance with the License. # # You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE # or http://www.opensolaris.org/os/licensing. # See the License for the specific language governing permissions # and limitations under the License. # # When distributing Covered Code, include this CDDL HEADER in each # file and include the License file at usr/src/OPENSOLARIS.LICENSE. # If applicable, add the following below this CDDL HEADER, with the # fields enclosed by brackets "[]" replaced with your own identifying # information: Portions Copyright [yyyy] [name of copyright owner] # # CDDL HEADER END # # Copyright (c) 1999, 2010, Oracle and/or its affiliates. All rights reserved. # # /etc/security/exec_attr # # execution attributes for profiles. see exec_attr(4) # # All:suser:cmd:::*: Audit Control:solaris:cmd:::/usr/sbin/audit:privs=proc_owner,sys_audit Audit Configuration:solaris:::/usr/sbin/auditconfig:privs=sys_audit Audit Review:solaris:cmd:::/usr/sbin/auditreduce:euid=0 Audit Review:solaris:cmd:::/usr/sbin/auditstat:privs=proc_audit Audit Review:solaris:cmd:::/usr/sbin/praudit:privs=file_dac_read Contract Observer:solaris:cmd:::/usr/bin/ctwatch:\ privs=contract_event,contract_observer Cron Management:suser:cmd:::/usr/bin/crontab:euid=0 Crypto Management:suser:cmd:::/usr/sbin/cryptoadm:euid=0 Crypto Management:suser:cmd:::/usr/bin/kmfcfg:euid=0 Crypto Management:suser:cmd:::/usr/sfw/bin/openssl:euid=0 Crypto Management:suser:cmd:::/usr/sfw/bin/CA.pl:euid=0 DHCP Management:suser:cmd:::/usr/lib/inet/dhcp/svcadm/dhcpconfig:uid=0 DHCP Management:suser:cmd:::/usr/lib/inet/dhcp/svcadm/dhtadm:uid=0 DHCP Management:suser:cmd:::/usr/lib/inet/dhcp/svcadm/pntadm:uid=0 Device Management:suser:cmd:::/usr/sbin/allocate:uid=0 Device Management:suser:cmd:::/usr/sbin/add_drv:uid=0 Device Management:suser:cmd:::/usr/sbin/deallocate:uid=0 Device Management:suser:cmd:::/usr/sbin/rem_drv:uid=0 Device Management:suser:cmd:::/usr/sbin/update_drv:uid=0 Device Security:suser:cmd:::/usr/sbin/add_drv:uid=0 Device Security:suser:cmd:::/usr/sbin/devfsadm:uid=0 Device Security:suser:cmd:::/usr/sbin/eeprom:uid=0 Device Security:solaris:cmd:::/usr/bin/kbd:uid=0;gid=sys Device Security:suser:cmd:::/usr/sbin/list_devices:euid=0 Device Security:suser:cmd:::/usr/sbin/rem_drv:uid=0 Device Security:suser:cmd:::/usr/sbin/strace:euid=0 Device Security:suser:cmd:::/usr/sbin/update_drv:uid=0 Device Security:suser:cmd:::/usr/sbin/add_allocatable:euid=0 Device Security:suser:cmd:::/usr/sbin/remove_allocatable:euid=0 FTP Management:suser:cmd:::/usr/sbin/ftpaddhost:uid=0 FTP Management:suser:cmd:::/usr/sbin/ftpconfig:uid=0 FTP Management:suser:cmd:::/usr/sbin/ftprestart:euid=0 FTP Management:suser:cmd:::/usr/sbin/ftpshut:euid=0;egid=sys FTP Management:suser:cmd:::/usr/sbin/privatepw:uid=0;egid=sys File System Management:solaris:cmd:::/sbin/mount:privs=sys_mount File System Management:solaris:cmd:::/sbin/umount:privs=sys_mount File System Management:suser:cmd:::/usr/bin/eject:euid=0 File System Management:suser:cmd:::/usr/bin/mkdir:euid=0 File System Management:suser:cmd:::/usr/bin/rmdir:euid=0 File System Management:suser:cmd:::/usr/lib/autofs/automountd:euid=0 File System Management:suser:cmd:::/usr/lib/fs/autofs/automount:euid=0 File System Management:suser:cmd:::/usr/lib/fs/nfs/showmount:euid=0 File System Management:suser:cmd:::/usr/lib/fs/ufs/fsirand:euid=0 File System Management:suser:cmd:::/usr/lib/fs/ufs/newfs:euid=0 File System Management:suser:cmd:::/usr/lib/fs/ufs/tunefs:uid=0 File System Management:suser:cmd:::/usr/sbin/clri:euid=0 File System Management:suser:cmd:::/usr/sbin/devinfo:euid=0 File System Management:suser:cmd:::/usr/sbin/dfmounts:euid=0 File System Management:suser:cmd:::/usr/sbin/dfshares:euid=0 File System Management:suser:cmd:::/usr/sbin/ff:euid=0 File System Management:suser:cmd:::/usr/sbin/format:euid=0 File System Management:suser:cmd:::/usr/sbin/fsck:euid=0 File System Management:suser:cmd:::/usr/sbin/fsdb:euid=0 File System Management:suser:cmd:::/usr/sbin/fstyp:euid=0 File System Management:suser:cmd:::/usr/sbin/fuser:euid=0 File System Management:solaris:cmd:::/usr/sbin/iscsiadm:euid=0;privs=basic File System Management:suser:cmd:::/usr/sbin/mkfile:euid=0 File System Management:suser:cmd:::/usr/sbin/mkfs:euid=0 File System Management:suser:cmd:::/usr/sbin/mount:uid=0 File System Management:suser:cmd:::/usr/sbin/mountall:uid=0 File System Management:solaris:cmd:::/usr/sbin/mpathadm:privs=sys_devices File System Management:solaris:cmd:::/usr/sbin/quotacheck:uid=0;gid=sys File System Management:solaris:cmd:::/usr/sbin/quotaoff:uid=0;gid=sys File System Management:solaris:cmd:::/usr/sbin/quotaon:uid=0;gid=sys File System Management:solaris:cmd:::/usr/sbin/raidctl:privs=sys_config,sys_devices;euid=0 File System Management:suser:cmd:::/usr/sbin/ramdiskadm:euid=0 File System Management:solaris:cmd:::/usr/sbin/sasinfo:privs=sys_devices File System Management:solaris:cmd:::/usr/sbin/sbdadm:privs=sys_devices File System Management:suser:cmd:::/usr/sbin/share:uid=0;gid=root File System Management:suser:cmd:::/usr/sbin/sharemgr:uid=0;gid=root File System Management:suser:cmd:::/usr/sbin/shareall:uid=0;gid=root File System Management:solaris:cmd:::/usr/sbin/stmfadm:privs=sys_devices File System Management:suser:cmd:::/usr/sbin/swap:euid=0 File System Management:suser:cmd:::/usr/sbin/umount:uid=0 File System Management:suser:cmd:::/usr/sbin/umountall:uid=0 File System Management:suser:cmd:::/usr/sbin/unshare:uid=0;gid=root File System Management:suser:cmd:::/usr/sbin/unshareall:uid=0;gid=root Forced Privilege:solaris:cmd:::/usr/bin/newtask:\ privs=proc_taskid,sys_resource,sys_res_config,proc_priocntl Forced Privilege:solaris:cmd:::/usr/bin/rcp:privs=net_privaddr Forced Privilege:solaris:cmd:::/usr/bin/rdist:privs=net_privaddr Forced Privilege:solaris:cmd:::/usr/bin/rlogin:privs=net_privaddr Forced Privilege:solaris:cmd:::/usr/bin/rmformat:\ privs=file_dac_read,file_dac_write,proc_fork,proc_exec,sys_mount,sys_devices Forced Privilege:solaris:cmd:::/usr/bin/rsh:privs=net_privaddr Forced Privilege:solaris:cmd:::/usr/bin/w:privs=proc_owner Forced Privilege:solaris:cmd:::/usr/lib/fs/ufs/quota:privs=file_dac_read Forced Privilege:solaris:cmd:::/usr/lib/fs/ufs/ufsdump:privs=net_privaddr Forced Privilege:solaris:cmd:::/usr/lib/fs/ufs/ufsrestore:privs=net_privaddr Forced Privilege:solaris:cmd:::/usr/sbin/ping:\ privs=net_icmpaccess,sys_ip_config Forced Privilege:solaris:cmd:::/usr/sbin/traceroute:\ privs=net_icmpaccess,net_rawaccess Forced Privilege:solaris:cmd:::/usr/sbin/whodo:privs=proc_owner Forced Privilege:solaris:cmd:::/usr/lib/fs/smbfs/mount:privs=sys_mount Forced Privilege:solaris:cmd:::/usr/lib/fs/smbfs/umount:privs=sys_mount IP Filter Management:solaris:cmd:::/usr/sbin/ipf:privs=sys_ip_config IP Filter Management:solaris:cmd:::/usr/sbin/ipfs:privs=sys_ip_config IP Filter Management:solaris:cmd:::/usr/sbin/ipmon:privs=sys_ip_config IP Filter Management:solaris:cmd:::/usr/sbin/ipfstat:privs=sys_ip_config;gid=sys IP Filter Management:solaris:cmd:::/usr/sbin/ipnat:privs=sys_ip_config;gid=sys IP Filter Management:solaris:cmd:::/usr/sbin/ippool:privs=sys_ip_config;gid=sys Kerberos Server Management:solaris:cmd:::/usr/lib/krb5/krb5kdc:uid=0 Kerberos Server Management:solaris:cmd:::/usr/lib/krb5/kadmind:uid=0 Kerberos Server Management:solaris:cmd:::/usr/lib/krb5/kprop:euid=0;privs=none Kerberos Server Management:solaris:cmd:::/usr/sbin/kadmin.local:euid=0;privs=none Kerberos Server Management:solaris:cmd:::/usr/sbin/kdb5_util:euid=0;privs=none Kerberos Server Management:solaris:cmd:::/usr/sbin/kdb5_ldap_util:euid=0;privs=none Kerberos Server Management:solaris:cmd:::/usr/sbin/kdcmgr:euid=0;privs=none Kerberos Client Management:solaris:cmd:::/usr/bin/klist:euid=0;privs=file_dac_read Kerberos Client Management:solaris:cmd:::/usr/sbin/kadmin:euid=0;privs=none Kerberos Client Management:solaris:cmd:::/usr/sbin/kclient:euid=0;privs=none Log Management:suser:cmd:::/usr/sbin/logadm:euid=0 Mail Management:suser:cmd:::/usr/lib/sendmail:uid=0 Mail Management:suser:cmd:::/usr/sbin/editmap:euid=0 Mail Management:suser:cmd:::/usr/sbin/makemap:euid=0 Mail Management:suser:cmd:::/usr/sbin/newaliases:euid=0 Maintenance and Repair:solaris:cmd:::/usr/bin/mdb:privs=all Maintenance and Repair:suser:cmd:::/usr/bin/mdb:euid=0 Maintenance and Repair:solaris:cmd:::/usr/bin/coreadm:euid=0;privs=proc_owner Maintenance and Repair:suser:cmd:::/usr/bin/date:euid=0 Maintenance and Repair:suser:cmd:::/usr/bin/ldd:euid=0 Maintenance and Repair:suser:cmd:::/usr/bin/vmstat:euid=0 Maintenance and Repair:suser:cmd:::/usr/sbin/eeprom:euid=0 Maintenance and Repair:suser:cmd:::/usr/sbin/halt:euid=0 Maintenance and Repair:suser:cmd:::/sbin/init:uid=0 Maintenance and Repair:solaris:cmd:::/usr/sbin/pcitool:privs=all Maintenance and Repair:suser:cmd:::/usr/sbin/poweroff:uid=0 Maintenance and Repair:suser:cmd:::/usr/sbin/prtconf:euid=0 Maintenance and Repair:suser:cmd:::/usr/sbin/reboot:uid=0 Maintenance and Repair:suser:cmd:::/usr/sbin/syslogd:euid=0 Maintenance and Repair:suser:cmd:::/sbin/bootadm:euid=0 Maintenance and Repair:solaris:cmd:::/usr/sbin/ucodeadm:privs=all Media Backup:suser:cmd:::/usr/bin/mt:euid=0 Media Backup:suser:cmd:::/usr/lib/fs/ufs/ufsdump:euid=0;gid=sys Media Backup:suser:cmd:::/usr/sbin/tar:euid=0 Media Catalog:solaris:cmd:::/usr/bin/bart:\ privs=file_dac_read,file_dac_search Media Restore:suser:cmd:::/usr/bin/cpio:euid=0 Media Restore:suser:cmd:::/usr/bin/mt:euid=0 Media Restore:suser:cmd:::/usr/lib/fs/ufs/ufsrestore:euid=0 Media Restore:suser:cmd:::/usr/sbin/tar:euid=0 Name Service Management:suser:cmd:::/usr/sbin/nscd:euid=0 Name Service Security:suser:cmd:::/usr/bin/chkey:euid=0 Name Service Security:suser:cmd:::/usr/sbin/ldapclient:uid=0 Name Service Security:suser:cmd:::/usr/sbin/newkey:euid=0 Network Management:solaris:cmd:::/sbin/ifconfig:uid=0 Network Management:solaris:cmd:::/sbin/route:privs=sys_ip_config Network Management:solaris:cmd:::/sbin/routeadm:euid=0;\ privs=proc_chroot,proc_owner,sys_ip_config Network Management:solaris:cmd:::/sbin/dladm:euid=dladm;egid=netadm;\ privs=sys_dl_config,net_rawaccess,proc_audit Network Management:solaris:cmd:::/sbin/dlstat:euid=dladm;egid=sys; Network Management:solaris:cmd:::/sbin/flowadm:euid=dladm;egid=sys;\ privs=sys_dl_config,net_rawaccess,proc_audit Network Management:solaris:cmd:::/sbin/flowstat:euid=dladm;egid=sys; Network Management:solaris:cmd:::/sbin/ipadm:euid=netadm;egid=netadm;\ privs=sys_ip_config,net_rawaccess Network Management:suser:cmd:::/usr/bin/netstat:uid=0 Network Management:suser:cmd:::/usr/bin/rup:euid=0 Network Management:suser:cmd:::/usr/bin/ruptime:euid=0 Network Management:suser:cmd:::/usr/bin/setuname:euid=0 Network Management:suser:cmd:::/usr/sbin/asppp2pppd:euid=0 Network Management:suser:cmd:::/usr/sbin/ifconfig:uid=0 Network Management:suser:cmd:::/usr/sbin/ipaddrsel:euid=0 Network Management:suser:cmd:::/usr/sbin/ipqosconf:euid=0 Network Management:suser:cmd:::/usr/sbin/rndc:privs=file_dac_read Network Management:suser:cmd:::/usr/sbin/route:uid=0 Network Management:suser:cmd:::/usr/sbin/snoop:uid=0 Network Management:solaris:cmd:::/usr/sbin/snoop:privs=net_observability Network Management:suser:cmd:::/usr/sbin/spray:euid=0 Network Observability:solaris:cmd:::/usr/sbin/snoop:privs=net_observability Network Link Security:solaris:cmd:::/sbin/dladm:euid=dladm;egid=sys;\ privs=sys_dl_config,net_rawaccess,proc_audit Network Link Security:solaris:cmd:::/sbin/dlstat:euid=dladm;egid=sys; Network IPsec Management:solaris:cmd:::/usr/lib/inet/certdb:euid=0;privs=none Network IPsec Management:solaris:cmd:::/usr/lib/inet/certlocal:euid=0;privs=none Network IPsec Management:solaris:cmd:::/usr/lib/inet/certrldb:euid=0;privs=none Network IPsec Management:solaris:cmd:::/usr/lib/inet/in.iked:euid=0 Network IPsec Management:solaris:cmd:::/usr/sbin/ikeadm:euid=0;privs=file_dac_write Network IPsec Management:solaris:cmd:::/usr/sbin/ikecert:euid=0;privs=none Network IPsec Management:solaris:cmd:::/usr/sbin/ipsecconf:euid=0;privs=sys_ip_config Network IPsec Management:solaris:cmd:::/usr/sbin/ipseckey:uid=0;privs=sys_ip_config Network IPsec Management:solaris:cmd:::/usr/sbin/ipsecalgs:privs=sys_ip_config Network IPsec Management:suser:cmd:::/usr/lib/inet/certdb:euid=0 Network IPsec Management:suser:cmd:::/usr/lib/inet/certlocal:euid=0 Network IPsec Management:suser:cmd:::/usr/lib/inet/certrldb:euid=0 Network IPsec Management:suser:cmd:::/usr/lib/inet/in.iked:euid=0 Network IPsec Management:suser:cmd:::/usr/sbin/ikeadm:euid=0 Network IPsec Management:suser:cmd:::/usr/sbin/ikecert:euid=0 Network IPsec Management:suser:cmd:::/usr/sbin/ipsecconf:euid=0 Network IPsec Management:suser:cmd:::/usr/sbin/ipseckey:uid=0 Network IPsec Management:suser:cmd:::/usr/sbin/ipsecalgs:euid=0 Network Security:solaris:cmd:::/usr/sbin/ksslcfg:euid=0 Network Security:suser:cmd:::/usr/bin/ssh-keygen:uid=0;gid=sys Object Access Management:solaris:cmd:::/usr/bin/chgrp:privs=file_chown Object Access Management:solaris:cmd:::/usr/bin/chmod:privs=file_owner Object Access Management:solaris:cmd:::/usr/bin/chown:privs=file_chown Object Access Management:solaris:cmd:::/usr/bin/setfacl:privs=file_owner Object Access Management:suser:cmd:::/usr/bin/chgrp:euid=0 Object Access Management:suser:cmd:::/usr/bin/chmod:euid=0 Object Access Management:suser:cmd:::/usr/bin/chown:euid=0 Object Access Management:suser:cmd:::/usr/bin/getfacl:euid=0 Object Access Management:suser:cmd:::/usr/bin/setfacl:euid=0 Primary Administrator:solaris:cmd:::*:uid=0;gid=0 Printer Management:suser:cmd:::/usr/lib/lp/local/lpadmin:uid=lp;gid=lp Printer Management:suser:cmd:::/usr/sbin/lpfilter:euid=lp;uid=lp Printer Management:suser:cmd:::/usr/sbin/lpforms:euid=lp Printer Management:suser:cmd:::/usr/sbin/lpusers:euid=lp Printer Management:suser:cmd:::/usr/sbin/ppdmgr:euid=0 Process Management:solaris:cmd:::/usr/bin/kill:privs=proc_owner Process Management:solaris:cmd:::/usr/bin/nice:privs=proc_owner,proc_priocntl Process Management:solaris:cmd:::/usr/bin/pcred:privs=proc_owner Process Management:solaris:cmd:::/usr/bin/pfiles:privs=proc_owner Process Management:solaris:cmd:::/usr/bin/pflags:privs=proc_owner Process Management:solaris:cmd:::/usr/bin/ppriv:privs=proc_owner Process Management:solaris:cmd:::/usr/bin/renice:privs=proc_owner,proc_priocntl Process Management:suser:cmd:::/usr/bin/crontab:euid=0 Process Management:suser:cmd:::/usr/bin/kill:euid=0 Process Management:suser:cmd:::/usr/bin/nice:euid=0 Process Management:suser:cmd:::/usr/bin/pcred:euid=0 Process Management:suser:cmd:::/usr/bin/pfiles:euid=0 Process Management:suser:cmd:::/usr/bin/pflags:euid=0 Process Management:suser:cmd:::/usr/bin/pldd:euid=0 Process Management:suser:cmd:::/usr/bin/pmap:euid=0 Process Management:suser:cmd:::/usr/bin/prun:euid=0 Process Management:suser:cmd:::/usr/bin/ps:euid=0 Process Management:suser:cmd:::/usr/bin/psig:euid=0 Process Management:suser:cmd:::/usr/bin/pstack:euid=0 Process Management:suser:cmd:::/usr/bin/pstop:euid=0 Process Management:suser:cmd:::/usr/bin/ptime:euid=0 Process Management:suser:cmd:::/usr/bin/ptree:euid=0 Process Management:suser:cmd:::/usr/bin/pwait:euid=0 Process Management:suser:cmd:::/usr/bin/pwdx:euid=0 Process Management:suser:cmd:::/usr/bin/renice:euid=0 Process Management:suser:cmd:::/usr/bin/truss:euid=0 Process Management:suser:cmd:::/usr/sbin/fuser:euid=0 Process Management:solaris:cmd:::/usr/sbin/rcapadm:uid=0 Project Management:solaris:cmd:::/usr/sbin/projadd:euid=0 Project Management:solaris:cmd:::/usr/sbin/projmod:euid=0 Project Management:solaris:cmd:::/usr/sbin/projdel:euid=0 Software Installation:suser:cmd:::/sbin/beadm:uid=0;gid=bin Software Installation:suser:cmd:::/usr/bin/ln:euid=0 Software Installation:suser:cmd:::/usr/bin/pkginfo:uid=0 Software Installation:suser:cmd:::/usr/bin/pkgmk:uid=0 Software Installation:suser:cmd:::/usr/bin/pkgparam:uid=0 Software Installation:suser:cmd:::/usr/bin/pkgproto:uid=0 Software Installation:suser:cmd:::/usr/bin/pkgtrans:uid=0 Software Installation:suser:cmd:::/usr/ccs/bin/make:euid=0 Software Installation:suser:cmd:::/usr/sbin/install:euid=0 Software Installation:suser:cmd:::/usr/sbin/pkgadd:uid=0;gid=bin Software Installation:suser:cmd:::/usr/sbin/pkgask:uid=0 Software Installation:suser:cmd:::/usr/sbin/pkgchk:uid=0 Software Installation:suser:cmd:::/usr/sbin/pkgrm:uid=0;gid=bin System Event Management:suser:cmd:::/usr/sbin/syseventadm:uid=0 User Management:suser:cmd:::/usr/sbin/grpck:euid=0 User Management:suser:cmd:::/usr/sbin/pwck:euid=0 User Management:solaris:cmd:::/usr/sbin/useradd:uid=0 User Management:solaris:cmd:::/usr/sbin/userdel:uid=0 User Management:solaris:cmd:::/usr/sbin/usermod:uid=0 User Management:solaris:cmd:::/usr/sbin/roleadd:uid=0 User Management:solaris:cmd:::/usr/sbin/roledel:uid=0 User Management:solaris:cmd:::/usr/sbin/rolemod:uid=0 User Management:solaris:cmd:::/usr/sbin/groupadd:uid=0 User Management:solaris:cmd:::/usr/sbin/groupdel:uid=0 User Management:solaris:cmd:::/usr/sbin/groupmod:uid=0 User Security:suser:cmd:::/usr/bin/passwd:uid=0 User Security:suser:cmd:::/usr/sbin/pwck:euid=0 User Security:suser:cmd:::/usr/sbin/pwconv:euid=0 DAT Administration:solaris:cmd:::/usr/sbin/datadm:euid=0 ZFS File System Management:solaris:cmd:::/sbin/zfs:euid=0 ZFS Storage Management:solaris:cmd:::/sbin/zpool:uid=0 ZFS Storage Management:solaris:cmd:::/usr/lib/zfs/availdevs:uid=0 Zone Security:solaris:cmd:::/usr/sbin/txzonemgr:uid=0 Zone Security:solaris:cmd:::/usr/sbin/zonecfg:uid=0 Zone Management:solaris:cmd:::/usr/sbin/zoneadm:euid=0 Zone Management:solaris:cmd:::/usr/sbin/zlogin:euid=0 acctadm:solaris:cmd:::/usr/sbin/acctadm:euid=0;egid=0;privs=sys_acct,file_dac_write