Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help 
roles(1)			 User Commands			      roles(1)

NAME
       roles - print roles granted to a	user

SYNOPSIS
       roles [ user ...]

DESCRIPTION
       The  command  roles prints on standard output the roles that you	or the
       optionally-specified user have been granted. Roles are special accounts
       that correspond to a functional responsibility rather than to an	actual
       person (referred	to as a	normal user).

       Each user may have zero or more roles.  Roles  have  most  of  the  at-
       tributes	 of  normal  users  and	 are  identified  like normal users in
       passwd(4)  and  shadow(4).  Each	 role  must  have  an  entry  in   the
       user_attr(4)  file  that	 identifies it as a role. Roles	can have their
       own authorizations and profiles.	See auths(1) and profiles(1).

       Roles are not allowed to	log into a system as a primary user.  Instead,
       a user must log in as him-- or herself and assume the role. The actions
       of a role are attributable to the normal	user.  When  auditing  is  en-
       abled, the audited events of the	role contain the audit ID of the orig-
       inal user who assumed the role.

       A role may not assume itself or any other role. Roles are  not  hierar-
       chical.	However,  rights  profiles (see	prof_attr(4)) are hierarchical
       and can be used to achieve the same effect as hierarchical roles.

       Roles must have valid passwords and one of the shells  that  interprets
       profiles: either	pfcsh, pfksh, or pfsh. See pfexec(1).

       Role assumption may be performed	using su(1M), rlogin(1), or some other
       service that supports the PAM_RUSER variable. Successful	assumption re-
       quires  knowledge  of  the  role's password and membership in the role.
       Role assignments	are specified in user_attr(4).

EXAMPLES
       Example 1: Sample output

       The output of the roles command has the following form:

       example%	roles tester01 tester02
       tester01	: admin
       tester02	: secadmin, root
       example%

EXIT STATUS
       The following exit values are returned:

       0	Successful completion.

       1	An error occurred.

FILES
       /etc/user_attr

       /etc/security/auth_attr

       /etc/security/prof_attr

ATTRIBUTES
       See attributes(5) for descriptions of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE	TYPE	     |	    ATTRIBUTE VALUE	   |
       +-----------------------------+-----------------------------+
       |Availability		     |SUNWcsu			   |
       +-----------------------------+-----------------------------+

SEE ALSO
       auths(1),  pfexec(1),  profiles(1),   rlogin(1),	  su(1M),   getauuser-
       nam(3BSM),    auth_attr(4),    passwd(4),    prof_attr(4),   shadow(4),
       user_attr(4), attributes(5)

SunOS 5.10			  14 Feb 2001			      roles(1)
NAME | SYNOPSIS | DESCRIPTION | EXAMPLES | EXIT STATUS | FILES | ATTRIBUTES | SEE ALSO

Want to link to this manual page? Use this URL:
<https://man.freebsd.org/cgi/man.cgi?query=roles&sektion=1&manpath=SunOS+5.10>

home | help