Mercurial > illumos > illumos-gate
view usr/src/man/man1m/projmod.1m @ 13659:57451298f940
1469 ttyc/ttyd should be an allowed console device
Reviewed by: Milan Jurik <milan.jurik@xylab.cz>
Reviewed by: Alexander Eremin <alexander.r.eremin@gmail.com>
Approved by: Richard Lowe <richlowe@richlowe.net>
| author | Gary Mills <gary_mills@fastmail.fm> |
|---|---|
| date | Thu, 05 Apr 2012 08:47:21 -0500 |
| parents | 5b2854ecc12d |
| children |
line wrap: on
line source
'\" te .\" Copyright (c) 2007, Sun Microsystems, Inc. All Rights Reserved. .\" The contents of this file are subject to the terms of the Common Development and Distribution License (the "License"). You may not use this file except in compliance with the License. .\" You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE or http://www.opensolaris.org/os/licensing. See the License for the specific language governing permissions and limitations under the License. .\" When distributing Covered Code, include this CDDL HEADER in each file and include the License file at usr/src/OPENSOLARIS.LICENSE. If applicable, add the following below this CDDL HEADER, with the fields enclosed by brackets "[]" replaced with your own identifying information: Portions Copyright [yyyy] [name of copyright owner] .TH PROJMOD 1M "Feb 22, 2007" .SH NAME projmod \- modify a project's information on the system .SH SYNOPSIS .LP .nf \fBprojmod\fR [\fB-n\fR] [\fB-A\fR|\fB-f\fR \fIfilename\fR | -] .fi .LP .nf \fBprojmod\fR [\fB-n\fR] [\fB-A\fR|\fB-f\fR \fIfilename\fR | -] [\fB-p\fR \fIprojid\fR [\fB-o\fR]] [\fB-c\fR \fIcomment\fR] [\fB-a\fR|\fB-s\fR|\fB-r\fR] [\fB-U\fR \fIuser\fR [,\fIuser\fR]... ] [\fB-G\fR \fIgroup\fR [,\fIgroup\fR]... ] [ [\fB-K\fR \fIname\fR [=\fIvalue\fR [,\fIvalue\fR]...]...]] [\fB-l\fR \fInew_projectname\fR] \fIproject\fR .fi .SH DESCRIPTION .sp .LP The \fBprojmod\fR utility modifies a project's definition on the system. \fBprojmod\fR changes the definition of the specified project and makes the appropriate project-related system file and file system changes. .SH OPTIONS .sp .LP The following options are supported: .sp .ne 2 .na \fB\fB-A\fR\fR .ad .RS 29n Apply the project's resource controls, as defined in the system's project database, to the project if it is active. .RE .sp .ne 2 .na \fB\fB-a\fR\fR .ad .RS 29n Specify that the users, groups, attributes, or attribute values specified by the \fB-U\fR, \fB-G\fR or \fB-K\fR options should be added to the project, rather than replacing the existing member or attribute list. .RE .sp .ne 2 .na \fB\fB-c\fR \fIcomment\fR\fR .ad .RS 29n Specify \fIcomment\fR as a text string. Generally, \fIcomment\fR contains a short description of the project. This information is stored in the project's \fB/etc/project\fR entry. .RE .sp .ne 2 .na \fB\fB-f\fR \fIfilename\fR | -\fR .ad .RS 29n Specify the project file to modify or validate or specify input from stdin for validation. As noted under OPERANDS, if you do not specify a project in a \fBprojmod\fR command line, \fBprojmod\fR validates the argument to \fB-f\fR. If you do not use this option, the system project file, \fB/etc/project\fR, is modified. .RE .sp .ne 2 .na \fB\fB-G\fR \fIgroup\fR [,\fIgroup\fR...]\fR .ad .RS 29n Specify a replacement list of member groups of the project. When used in conjunction with the \fB-a\fR or \fB-r\fR options, this option specifies a list of groups to be added or removed from the project. .RE .sp .ne 2 .na \fB\fB-K\fR \fIname\fR[=\fIvalue\fR[,\fIvalue\fR...]\fR .ad .RS 29n Specify a replacement list of project attributes for the project. When used in conjunction with the \fB-a\fR, \fB-r\fR, or \fB-s\fR options, this option specifies a list of attribute values to be added, removed, or replaced in the project. Attributes must be delimited by semicolons (\fB;\fR). Multiple \fB-K\fR options can be specified to set, add, remove, or substitute values on multiple keys, such as: .sp .in +2 .nf -K \fIkey1\fR=\fIvalue1\fR -K "\fIkey2\fR=(\fIvalue2a\fR),(\fIvalue2b\fR)" .fi .in -2 Resource control attributes use parentheses to specify values for a key. Because many user shells interpret parentheses as special characters, it is best to enclose an argument to \fB-K\fR that contains parentheses with double quotes, as shown above and in EXAMPLES, below. See \fBresource_controls\fR(5) for a description of the resource controls you can specify for a project. .RE .sp .ne 2 .na \fB\fB-l\fR \fInew_projectname\fR\fR .ad .RS 29n Specify the new project name for the project. The \fInew_projectname\fR argument is a string consisting of characters from the set of alphabetic characters, numeric characters, period (\fB\&.\fR), underline (\fB_\fR), and hyphen (\fB-\fR). The first character should be alphabetic. An error message is written if these restrictions are not met. The project name must also be unique within the project file. .RE .sp .ne 2 .na \fB\fB-n\fR\fR .ad .RS 29n Syntax check. Check the format of the existing system project file and modifications only. The contents of the existing project file, such as user names, group names, and resources that are specified in the project attributes are not checked. .RE .sp .ne 2 .na \fB\fB-o\fR\fR .ad .RS 29n This option allows the project ID specified by the \fB-p\fR option to be non-unique within the project file. .RE .sp .ne 2 .na \fB\fB-p\fR \fIprojid\fR\fR .ad .RS 29n Specify a new project \fBID\fR for the project. It must be a non-negative decimal integer less than \fBMAXUID\fR as defined in \fBparam.h\fR. This value must be unique within the project file if the \fB-o\fR option is not specified. .RE .sp .ne 2 .na \fB\fB-r\fR\fR .ad .RS 29n Specify that the users, groups, attributes, or attribute values specified by the \fB-U\fR, \fB-G\fR or \fB-K\fR options should be removed from the project, rather than replacing the existing member or attribute list. .RE .sp .ne 2 .na \fB\fB-s\fR\fR .ad .RS 29n Specify that the list of attributes specified by the \fB-K\fR option should have their values replaced. If the attributes do not exist, they are added as if the a option was used. This option has no effect the \fB-U\fR or \fB-G\fR options. .RE .sp .ne 2 .na \fB\fB-U\fR \fIuser\fR [,\fIuser\fR...]\fR .ad .RS 29n Specify a replacement list of member users of the project. When used in conjunction with the \fB-a\fR or \fB-r\fR options, this option specifies a list of users to be added or removed from the project. .RE .SH OPERANDS .sp .LP The following operands are supported: .sp .ne 2 .na \fB\fIproject\fR\fR .ad .RS 11n An existing project name to be modified or displayed. .RE .sp .ne 2 .na \fB\fI(none)\fR\fR .ad .RS 11n If no operand is given, the project file is validated without modifying any project. .RE .SH EXAMPLES .LP \fBExample 1 \fRUsing the \fB-K\fR Option for Addition of an Attribute Value .sp .LP Consider the following \fBproject\fR(4) entry: .sp .in +2 .nf salesaudit:111:Auditing Project::sales,finance: \e process.max-file-size=(priv,52428800,deny); \e task.max-lwps=(priv,100,deny) .fi .in -2 .sp .LP The preceding would appear as one line in \fB/etc/project\fR. For this and the following examples, the focus is on the attributes field in the \fBproject\fR entry. That is, the last field, the field following the last semicolon. .sp .LP The attributes field for the project \fBsalesaudit\fR lists the following resource control: .sp .in +2 .nf task.max-lwps=(priv,1000,signal=KILL) .fi .in -2 .sp .LP The following \fBprojmod\fR command adds an action clause to the preceding entry: .sp .in +2 .nf # projmod -a -K "task.max-lwps=(priv,100,deny)" salesaudit .fi .in -2 .sp .LP \&...with the resulting attributes field in the entry for \fBsalesaudit\fR: .sp .in +2 .nf task.max-lwps=(priv,100,deny),(priv,1000,signal=KILL) .fi .in -2 .LP \fBExample 2 \fRUsing the \fB-K\fR Option for the Substitution of an Attribute Value .sp .LP Assume an attributes field in a \fBproject\fR(4) entry for the project \fBsalesaudit\fR that lists the following resource control: .sp .in +2 .nf task.max-lwps=(priv,100,deny),(priv,1000,signal=KILL) .fi .in -2 .sp .LP The following \fBprojmod\fR command substitutes the action clause specified in the command for the action clauses in the preceding entry: .sp .in +2 .nf # projmod -s -K "task.max-lwps=(priv,500,signal=SIGSTOP)" salesaudit .fi .in -2 .sp .LP \&...with the resulting attributes field in the entry for \fBsalesaudit\fR: .sp .in +2 .nf task.max-lwps=(priv,500,signal=SIGSTOP) .fi .in -2 .LP \fBExample 3 \fRUsing the \fB-K\fR Option for Removal of an Attribute Value .sp .LP Assume an attributes field in a \fBproject\fR(4) entry for a project \fBsalesaudit\fR that lists the following resource control: .sp .in +2 .nf task.max-lwps=(priv,100,deny),(priv,1000,signal=KILL) .fi .in -2 .sp .LP The following \fBprojmod\fR command removes the first action clause from the preceding entry: .sp .in +2 .nf # projmod -r -K "task.max-lwps=(priv,100,deny)" salesaudit .fi .in -2 .sp .LP \&...with the resulting attributes field in the entry for \fBsalesaudit\fR: .sp .in +2 .nf task.max-lwps=(priv,1000,signal=KILL) .fi .in -2 .LP \fBExample 4 \fRSpecifying Multiple Attribute Values .sp .LP Suppose you want to achieve the following resource controls for the project \fBsalesaudit\fR: .sp .in +2 .nf task.max-lwps=(priv,100,deny) process.max-file-size=(priv,50MB,deny) .fi .in -2 .sp .LP The following \fBprojmod\fR command adds these resource controls for \fBsalesaudit\fR: .sp .in +2 .nf # projmod -a -K "task.max-lwps=(priv,100,deny)" \e -K "process.max-file-size=(priv,50MB,deny)" salesaudit .fi .in -2 .sp .LP \&...with the resulting attributes field in the entry for \fBsalesaudit\fR: .sp .in +2 .nf task.max-lwps=(priv,100,deny);process.max-file-size=(priv,52428800,deny) .fi .in -2 .sp .LP In this example, note the effect of the use of the modifier and scaling factor for the resource control \fBprocess.max-file-size\fR. The specification in \fBprojmod\fR: .sp .in +2 .nf "process.max-file-size=(priv,50MB,deny)" .fi .in -2 .sp .LP \&...becomes, in \fB/etc/project\fR: .sp .in +2 .nf process.max-file-size=(priv,52428800,deny) .fi .in -2 .sp .LP That is, \fB50MB\fR is expanded to \fB52428800\fR. The modifiers, such as MB, and scaling factors you can use for resource controls are specified in \fBresource_controls\fR(5). .LP \fBExample 5 \fRBinding a Pool to a Project .sp .LP The following command sets the \fBproject.pool\fR attribute for the project \fBsales\fR. .sp .in +2 .nf # projmod -a -K project.pool=salespool sales .fi .in -2 .LP \fBExample 6 \fREvaluating Input from \fBstdin\fR .sp .LP The following command uses the \fB-f\fR option without a project name operand to evaluate the contents of an NIS projects map. .sp .in +2 .nf # ypcat project | projmod -f - .fi .in -2 .SH EXIT STATUS .sp .LP In case of an error, \fBprojmod\fR prints an error message and exits with one of the following values: .sp .LP The following exit values are returned: .sp .ne 2 .na \fB\fB0\fR\fR .ad .RS 6n Successful completion. .RE .sp .ne 2 .na \fB\fB2\fR\fR .ad .RS 6n The command syntax was invalid. A usage message for \fBprojmod\fR is displayed. .RE .sp .ne 2 .na \fB\fB3\fR\fR .ad .RS 6n An invalid argument was provided to an option. .RE .sp .ne 2 .na \fB\fB4\fR\fR .ad .RS 6n The \fIprojid\fR given with the \fB-p\fR option is already in use. .RE .sp .ne 2 .na \fB\fB5\fR\fR .ad .RS 6n The project files contain an error. See \fBproject\fR(4). .RE .sp .ne 2 .na \fB\fB6\fR\fR .ad .RS 6n The project to be modified, group, user, or resource does not exist. .RE .sp .ne 2 .na \fB\fB9\fR\fR .ad .RS 6n The project is already in use. .RE .sp .ne 2 .na \fB\fB10\fR\fR .ad .RS 6n Cannot update the \fB/etc/project\fR file. .RE .SH FILES .sp .ne 2 .na \fB\fB/etc/group\fR\fR .ad .RS 16n System file containing group definitions .RE .sp .ne 2 .na \fB\fB/etc/project\fR\fR .ad .RS 16n System project file .RE .sp .ne 2 .na \fB\fB/etc/passwd\fR\fR .ad .RS 16n System password file .RE .sp .ne 2 .na \fB\fB/etc/shadow\fR\fR .ad .RS 16n System file containing users' encrypted passwords and related information .RE .SH ATTRIBUTES .sp .LP See \fBattributes\fR(5) for descriptions of the following attributes: .sp .sp .TS box; c | c l | l . ATTRIBUTE TYPE ATTRIBUTE VALUE _ Interface Stability See below. .TE .sp .LP Invocation is evolving. Human readable output is unstable. .SH SEE ALSO .sp .LP \fBgroupadd\fR(1M), \fBgroupdel\fR(1M), \fBgroupmod\fR(1M), \fBprojadd\fR(1M), \fBprojdel\fR(1M), \fBuseradd\fR(1M), \fBuserdel\fR(1M), \fBusermod\fR(1M), \fBpasswd\fR(4), \fBproject\fR(4), \fBattributes\fR(5), \fBresource_controls\fR(5) .SH NOTES .sp .LP The \fBprojmod\fR utility modifies project definitions only in the local \fB/etc/project\fR file. If a network name service such as \fBNIS\fR or \fBLDAP\fR is being used to supplement the local files with additional entries, \fBprojmod\fR cannot change information supplied by the network name service. However \fBprojmod\fR verifies the uniqueness of project name and project \fBID\fR against the external name service.