upstream/illumos/illumos-gate: usr/src/lib/libsecdb/prof

0 68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	1	#
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	2	# CDDL HEADER START
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	3	#
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	4	# The contents of this file are subject to the terms of the
750 eb6d1eb78fb9 6337435 prof_attr Basic Solaris User profile contains authorization typo gbrunett parents: 0 diff changeset	5	# Common Development and Distribution License (the "License").
eb6d1eb78fb9 6337435 prof_attr Basic Solaris User profile contains authorization typo gbrunett parents: 0 diff changeset	6	# You may not use this file except in compliance with the License.
0 68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	7	#
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	8	# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	9	# or http://www.opensolaris.org/os/licensing.
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	10	# See the License for the specific language governing permissions
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	11	# and limitations under the License.
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	12	#
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	13	# When distributing Covered Code, include this CDDL HEADER in each
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	14	# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	15	# If applicable, add the following below this CDDL HEADER, with the
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	16	# fields enclosed by brackets "[]" replaced with your own identifying
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	17	# information: Portions Copyright [yyyy] [name of copyright owner]
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	18	#
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	19	# CDDL HEADER END
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	20	#
750 eb6d1eb78fb9 6337435 prof_attr Basic Solaris User profile contains authorization typo gbrunett parents: 0 diff changeset	21
eb6d1eb78fb9 6337435 prof_attr Basic Solaris User profile contains authorization typo gbrunett parents: 0 diff changeset	22	#
6007 d57e38e8fdd1 PSARC 2005/695 CIFS Client on Solaris thurlow parents: 5622 diff changeset	23	# Copyright 2008 Sun Microsystems, Inc. All rights reserved.
750 eb6d1eb78fb9 6337435 prof_attr Basic Solaris User profile contains authorization typo gbrunett parents: 0 diff changeset	24	# Use is subject to license terms.
eb6d1eb78fb9 6337435 prof_attr Basic Solaris User profile contains authorization typo gbrunett parents: 0 diff changeset	25	#
eb6d1eb78fb9 6337435 prof_attr Basic Solaris User profile contains authorization typo gbrunett parents: 0 diff changeset	26
eb6d1eb78fb9 6337435 prof_attr Basic Solaris User profile contains authorization typo gbrunett parents: 0 diff changeset	27	#
0 68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	28	# /etc/security/prof_attr
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	29	#
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	30	# profiles attributes. see prof_attr(4)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	31	#
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	32	All:::Execute any command as the user or role:help=RtAll.html
6561 6bceb97f4a72 6681220 There are still places that say BSM auditing that should say Solaris auditing. jf206706 parents: 6059 diff changeset	33	Audit Control:::Configure Solaris Auditing:auths=solaris.audit.config,solaris.jobs.admin;help=RtAuditCtrl.html
6bceb97f4a72 6681220 There are still places that say BSM auditing that should say Solaris auditing. jf206706 parents: 6059 diff changeset	34	Audit Review:::Review Solaris Auditing logs:auths=solaris.audit.read;help=RtAuditReview.html
7645 959583783b98 PSARC 2008/482 NWAM Phase 0.5 (picea) James Carlson <james.d.carlson@sun.com> parents: 7577 diff changeset	35	Console User:::Manage System as the Console User:profiles=Suspend To RAM,Suspend To Disk,Brightness,CPU Power Management,Network Autoconf;auths=solaris.system.shutdown;help=RtConsUser.html
0 68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	36	Contract Observer:::Reliably observe any/all contract events:help=RtContractObserver.html
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	37	Device Management:::Control Access to Removable Media:auths=solaris.device.*;help=RtDeviceMngmnt.html
5307 ea4512a0e608 PSARC/2007/499 Automatic discovery of network attached printers jacobs parents: 5137 diff changeset	38	Printer Management:::Manage printers, daemons, spooling:auths=solaris.print.,solaris.label.print,solaris.smf.manage.discovery.printers.,solaris.smf.value.discovery.printers.*;help=RtPrntAdmin.html
0 68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	39	Cron Management:::Manage at and cron jobs:auths=solaris.jobs.*,solaris.smf.manage.cron;help=RtCronMngmnt.html
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	40	Log Management:::Manage log files:help=RtLogMngmnt.html
2912 85ea316d9c18 PSARC 2005/399 Tamarack: Removable Media Enhancements in Solaris artem parents: 995 diff changeset	41	Basic Solaris User:::Automatically assigned rights:auths=solaris.profmgr.read,solaris.jobs.user,solaris.mail.mailq,solaris.device.mount.removable;profiles=All;help=RtDefault.html
7688 2757e6e1bb2a PSARC 2006/591 Virtual Console rui zang - Sun Microsystems - Beijing China <Aaron.Zang@Sun.COM> parents: 7645 diff changeset	42	Device Security:::Manage devices and Volume Manager:auths=solaris.device.*,solaris.smf.manage.vt;help=RtDeviceSecurity.html
0 68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	43	DHCP Management:::Manage the DHCP service:auths=solaris.dhcpmgr.*;help=RtDHCPMngmnt.html
7103 3cde99325878 PSARC 2008/087 Extended Accounting Conversion to SMF ml93401 parents: 6654 diff changeset	44	Extended Accounting Flow Management:::Manage the Flow Extended Accounting service:auths=solaris.smf.manage.extended-accounting.flow,solaris.smf.value.extended-accounting.flow;profiles=acctadm;help=RtExActtFlow.html
3cde99325878 PSARC 2008/087 Extended Accounting Conversion to SMF ml93401 parents: 6654 diff changeset	45	Extended Accounting Process Management:::Manage the Process Extended Accounting service:auths=solaris.smf.manage.extended-accounting.process,solaris.smf.value.extended-accounting.process;profiles=acctadm;hep=RtExAcctProcess.html
3cde99325878 PSARC 2008/087 Extended Accounting Conversion to SMF ml93401 parents: 6654 diff changeset	46	Extended Accounting Task Management:::Manage the Task Extended Accounting service:auths=solaris.smf.manage.extended-accounting.task,solaris.smf.value.extended-accounting.task;profiles=acctadm;help=RtExAcctTask.html
6007 d57e38e8fdd1 PSARC 2005/695 CIFS Client on Solaris thurlow parents: 5622 diff changeset	47	File System Management:::Manage, mount, share file systems:profiles=SMB Management,VSCAN Management,SMBFS Management;auths=solaris.smf.manage.autofs,solaris.smf.manage.shares.,solaris.smf.value.shares.;help=RtFileSysMngmnt.html
0 68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	48	File System Security:::Manage file system security attributes:help=RtFileSysSecurity.html
2912 85ea316d9c18 PSARC 2005/399 Tamarack: Removable Media Enhancements in Solaris artem parents: 995 diff changeset	49	HAL Management:::Manage HAL SMF service:auths=solaris.smf.manage.hal;help=RtHALMngmnt.html
4754 0586690ea7f0 PSARC/2007/399 inetd backlog SMF property: connection_backlog vp157776 parents: 4746 diff changeset	50	Idmap Name Mapping Management:::Manage Name-based Mapping Rules of Identity Mapping Service:auths=solaris.admin.idmap.rules;help=RtIdmapNameRulesMngmnt.html
0586690ea7f0 PSARC/2007/399 inetd backlog SMF property: connection_backlog vp157776 parents: 4746 diff changeset	51	Idmap Service Management:::Manage Identity Mapping Service:auths=solaris.smf.manage.idmap,solaris.smf.value.idmap;help=RtIdmapMngmnt.html
0586690ea7f0 PSARC/2007/399 inetd backlog SMF property: connection_backlog vp157776 parents: 4746 diff changeset	52	Inetd Management:::Manage inetd configuration parameters:auths=solaris.smf.manage.inetd,solaris.smf.value.inetd;help=RtInetdMngmnt.html
0 68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	53	Mail Management:::Manage sendmail & queues:auths=solaris.smf.manage.sendmail;help=RtMailMngmnt.html
4746 0bc0c48f4304 PSARC 2007/254 - Enabling method for Trusted Extensions rica parents: 4520 diff changeset	54	Maintenance and Repair:::Maintain and repair a system:auths=solaris.smf.manage.system-log,solaris.label.range;help=RtMaintAndRepair.html
5622 e34cb33e11c9 PSARC 2007/397 NDMP Service sabdar parents: 5440 diff changeset	55	Media Backup:::Backup files and file systems:profiles=NDMP Management;help=RtMediaBkup.html
e34cb33e11c9 PSARC 2007/397 NDMP Service sabdar parents: 5440 diff changeset	56	Media Restore:::Restore files and file systems from backups:profiles=NDMP Management;help=RtMediaRestore.html
7577 4eedc1cf145c 6744920 Move the rbac profiles in MMS to the ON standard location Brian Kuyper <Brian.Kuyper@Sun.COM> parents: 7103 diff changeset	57	MMS Administrator:::MMS Media Manager Administrator:auths=solaris.smf.manage.mms,solaris.smf.modify.mms,solaris.smf.value.mms,solaris.mms.*
4eedc1cf145c 6744920 Move the rbac profiles in MMS to the ON standard location Brian Kuyper <Brian.Kuyper@Sun.COM> parents: 7103 diff changeset	58	MMS Operator:::MMS Media Manager Operator:auths=solaris.smf.manage.mms,solaris.mms.media.,solaris.mms.request.,solaris.mms.device.state.,solaris.mms.device.log.
4eedc1cf145c 6744920 Move the rbac profiles in MMS to the ON standard location Brian Kuyper <Brian.Kuyper@Sun.COM> parents: 7103 diff changeset	59	MMS User:::MMS Tape User:auths=solaris.mms.io.*
5622 e34cb33e11c9 PSARC 2007/397 NDMP Service sabdar parents: 5440 diff changeset	60	NDMP Management:::Manage the NDMP service:auths=solaris.smf.manage.ndmp,solaris.smf.value.ndmp,solaris.smf.read.ndmp;help=RtNdmpMngmnt.html
7645 959583783b98 PSARC 2008/482 NWAM Phase 0.5 (picea) James Carlson <james.d.carlson@sun.com> parents: 7577 diff changeset	61	Network Autoconf:::Manage network auto-magic configuration via nwamd:auths=solaris.network.autoconf;help=RtNetAutoconf.html
959583783b98 PSARC 2008/482 NWAM Phase 0.5 (picea) James Carlson <james.d.carlson@sun.com> parents: 7577 diff changeset	62	Network Management:::Manage the host and network configuration:auths=solaris.smf.manage.name-service-cache,solaris.smf.manage.bind,solaris.smf.value.routing,solaris.smf.manage.routing,solaris.smf.value.nwam,solaris.smf.manage.nwam,solaris.smf.manage.tnd,solaris.smf.manage.tnctl,solaris.smf.manage.wpa,solaris.smf.value.mdns,solaris.smf.manage.mdns;profiles=Network Wifi Management,Inetd Management,Network Autoconf;help=RtNetMngmnt.html
4746 0bc0c48f4304 PSARC 2007/254 - Enabling method for Trusted Extensions rica parents: 4520 diff changeset	63	Network Security:::Manage network and host security:auths=solaris.smf.manage.ssh,solaris.smf.value.tnd;profiles=Network Wifi Security,Network Link Security,Network IPsec Management;help=RtNetSecure.html
995 044a1b7c2e14 PSARC 2003/722 WiFi PCMCIA Driver Productization hx147065 parents: 789 diff changeset	64	Network Wifi Management:::Manage wifi network configuration:auths=solaris.network.wifi.config;help=RtNetWifiMngmnt.html
044a1b7c2e14 PSARC 2003/722 WiFi PCMCIA Driver Productization hx147065 parents: 789 diff changeset	65	Network Wifi Security:::Manage wifi network security:auths=solaris.network.wifi.wep;help=RtNetWifiSecure.html
3147 2789cc0027be PSARC/2006/406 WiFi for GLDv3 xc151355 parents: 3048 diff changeset	66	Network Link Security:::Manage network link security:auths=solaris.network.link.security;help=RtNetLinkSecure.html
4235 037e335b7d68 PSARC 2007/200 - Dedicated SMF services for IPsec/IKE markfen parents: 4126 diff changeset	67	Network IPsec Management:::Manage IPsec and IKE:auths=solaris.smf.manage.ipsec,solaris.smf.value.ipsec;help=RtNetIPsec.html
0 68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	68	Name Service Management:::Non-security name service scripts/commands:help=RtNameServiceAdmin.html
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	69	Name Service Security:::Security related name service scripts/commands:help=RtNameServiceSecure.html
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	70	Object Access Management:::Change ownership and permission on files:help=RtObAccessMngmnt.html
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	71	Process Management:::Manage current processes and processors:auths=solaris.smf.manage.cron,solaris.smf.manage.power;help=RtProcManagement.html
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	72	Rights Delegation:::Delegate ability to assign rights to users and roles:auths=solaris.role.delegate,solaris.profmgr.delegate,solaris.grant;help=RtRightsDelegate.html
2912 85ea316d9c18 PSARC 2005/399 Tamarack: Removable Media Enhancements in Solaris artem parents: 995 diff changeset	73	Rmvolmgr Management:::Manage Removable Volume Manager SMF service:auths=solaris.smf.manage.rmvolmgr;help=RtRmvolmgrMngmnt.html
0 68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	74	Service Management:::Manage services:auths=solaris.smf.manage,solaris.smf.modify
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	75	Service Operator:::Administer services:auths=solaris.smf.manage,solaris.smf.modify.framework
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	76	Software Installation:::Add application software to the system:help=RtSoftwareInstall.html
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	77	System Event Management:::Manage system events and system event channels:help=RtSysEvMngmnt.html
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	78	User Management:::Manage users, groups, home directory:auths=solaris.profmgr.read;help=RtUserMngmnt.html
4746 0bc0c48f4304 PSARC 2007/254 - Enabling method for Trusted Extensions rica parents: 4520 diff changeset	79	User Security:::Manage passwords, clearances:auths=solaris.role.,solaris.profmgr.,solaris.label.range;help=RtUserSecurity.html
0 68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	80	FTP Management:::Manage the FTP server:help=RtFTPMngmnt.html
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	81	Crypto Management:::Cryptographic Framework Administration:help=RtCryptoMngmnt.html
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	82	Kerberos Client Management:::Maintain and Administer Kerberos excluding the servers:help=RtKerberosClntMngmnt.html
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	83	Kerberos Server Management:::Maintain and Administer Kerberos Servers:profiles=Kerberos Client Management;help=RtKerberosSrvrMngmnt.html
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	84	DAT Administration:::Manage the DAT configuration:help=RtDatAdmin.html
5331 3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: 5307 diff changeset	85	SMB Management:::Manage the SMB service:auths=solaris.smf.manage.smb,solaris.smf.value.smb,solaris.smf.read.smb;help=RtSMBMngmnt.html
6007 d57e38e8fdd1 PSARC 2005/695 CIFS Client on Solaris thurlow parents: 5622 diff changeset	86	SMBFS Management:::Manage the SMB client:auths=solaris.smf.manage.smbfs,solaris.smf.value,solaris.smf.modify.application;help=RtSMBFSMngmnt.html
789 b348f31ed315 PSARC 2002/240 ZFS ahrens parents: 750 diff changeset	87	ZFS File System Management:::Create and Manage ZFS File Systems:help=RtZFSFileSysMngmnt.html
b348f31ed315 PSARC 2002/240 ZFS ahrens parents: 750 diff changeset	88	ZFS Storage Management:::Create and Manage ZFS Storage Pools:help=RtZFSStorageMngmnt.html
0 68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	89	Zone Management:::Zones Virtual Application Environment Administration:help=RtZoneMngmnt.html
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	90	IP Filter Management:::IP Filter Administration:help=RtIPFilterMngmnt.html
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	91	Project Management:::Add/Modify/Remove projects:help=RtProjManagement.html
5440 f84b7f8d106d PSARC 2007/118 VSCAN Service jm199354 parents: 5331 diff changeset	92	VSCAN Management:::Manage the VSCAN service:auths=solaris.smf.manage.vscan,solaris.smf.value.vscan,solaris.smf.modify.application;help=RtVscanMngmnt.html
4746 0bc0c48f4304 PSARC 2007/254 - Enabling method for Trusted Extensions rica parents: 4520 diff changeset	93	#
0bc0c48f4304 PSARC 2007/254 - Enabling method for Trusted Extensions rica parents: 4520 diff changeset	94	# Trusted Extensions profiles:
0bc0c48f4304 PSARC 2007/254 - Enabling method for Trusted Extensions rica parents: 4520 diff changeset	95	#
0bc0c48f4304 PSARC 2007/254 - Enabling method for Trusted Extensions rica parents: 4520 diff changeset	96	Information Security:::Maintains MAC and DAC security policies:profiles=Device Security,File System Security,Name Service Security,Network Security,Object Access Management,Object Label Management;help=RtInfoSec.html
0bc0c48f4304 PSARC 2007/254 - Enabling method for Trusted Extensions rica parents: 4520 diff changeset	97	Object Label Management:::Change labels on files.:auths=solaris.device.allocate,solaris.label.file.downgrade,solaris.label.win.downgrade,solaris.label.win.upgrade,solaris.label.file.upgrade,solaris.label.range,solaris.smf.manage.labels;help=RtObjectLabelMngmnt.html
0bc0c48f4304 PSARC 2007/254 - Enabling method for Trusted Extensions rica parents: 4520 diff changeset	98	Outside Accred:::Allow a user to operate outside the user accreditation range.:auths=solaris.label.range;help=RtOutsideAccred.html
5137 04e1b19888fb PSARC 2007/414 SCF changes for iSCSI Target zl149053 parents: 4904 diff changeset	99	ISCSI Target Administration:::Configure ISCSI Target service:auths=solaris.smf.modify.iscsitgt,solaris.smf.read.iscsitgt,solaris.smf.value.iscsitgt
04e1b19888fb PSARC 2007/414 SCF changes for iSCSI Target zl149053 parents: 4904 diff changeset	100	ISCSI Target Management:::Start/Stop ISCSI Target service:auths=solaris.smf.manage.iscsitgt
6573 7a725819f4fe PSARC/2008/021 HAL Power Management Support phitran parents: 6561 diff changeset	101	#
7a725819f4fe PSARC/2008/021 HAL Power Management Support phitran parents: 6561 diff changeset	102	# Power Management profiles:
7a725819f4fe PSARC/2008/021 HAL Power Management Support phitran parents: 6561 diff changeset	103	#
7a725819f4fe PSARC/2008/021 HAL Power Management Support phitran parents: 6561 diff changeset	104	System Power:::For authorized users to manage system power:auths=solaris.system.power.*;help=RtSysPowerMgmt.html
7a725819f4fe PSARC/2008/021 HAL Power Management Support phitran parents: 6561 diff changeset	105	Suspend:::For authorized users to Suspend system:auths=solaris.system.power.suspend.*;help=RtSysPowerMgmtSuspend.html
7a725819f4fe PSARC/2008/021 HAL Power Management Support phitran parents: 6561 diff changeset	106	Suspend To Disk:::For authorized users to Suspend to Disk:auths=solaris.system.power.suspend.disk;help=RtSysPowerMgmtSuspendToDisk.html
7a725819f4fe PSARC/2008/021 HAL Power Management Support phitran parents: 6561 diff changeset	107	Suspend To RAM:::For authorized users to Suspend to RAM:auths=solaris.system.power.suspend.ram;help=RtSysPowerMgmtSuspendToRAM.html
7a725819f4fe PSARC/2008/021 HAL Power Management Support phitran parents: 6561 diff changeset	108	Brightness:::For authorized users to Control LCD Brightness:auths=solaris.system.power.brightness;help=RtSysPowerMgmtBrightness.html
6654 e02478f0bcde PSARC 2007/679 CPUFreq HAL np146283 parents: 6573 diff changeset	109	CPU Power Management:::For authorized users to manage CPU Power:auths=solaris.system.power.cpu;help=RtCPUPowerManagement.html
7103 3cde99325878 PSARC 2008/087 Extended Accounting Conversion to SMF ml93401 parents: 6654 diff changeset	110	acctadm:::Do not assign to users. Commands required for Extended Accounting Management profiles:help=RtAcctadm.help

author	rui zang - Sun Microsystems - Beijing China <Aaron.Zang@Sun.COM>
	Thu, 25 Sep 2008 14:01:48 +0800
changeset 7688	2757e6e1bb2a
parent 7645	959583783b98
child 7734	c46e039795b8
permissions	-rw-r--r--