Expand section on Solaris privileges.
This commit is contained in:
@@ -441,6 +441,26 @@ SSUUDDOOEERRSS FFIILLEE FFOORRMMAATT
|
||||
privileges or limit privileges are specified with the command it will
|
||||
override any default values specified in _s_u_d_o_e_r_s.
|
||||
|
||||
A privilege set is a comma-separated list of privilege names. The
|
||||
ppriv(1) command can be used to list all privileges known to the system.
|
||||
For example:
|
||||
|
||||
$ ppriv -l
|
||||
|
||||
In addition, there are several ``special'' privilege strings:
|
||||
|
||||
none the empty set
|
||||
|
||||
all the set of all privileges
|
||||
|
||||
zone the set of all privileges available in the current zone
|
||||
|
||||
basic the default set of privileges normal users are granted at login
|
||||
time
|
||||
|
||||
Privileges can be excluded from a set by prefixing the privilege name
|
||||
with either an `!' or `-' character.
|
||||
|
||||
TTaagg__SSppeecc
|
||||
A command may have zero or more tags associated with it. There are ten
|
||||
possible tag values: NOPASSWD, PASSWD, NOEXEC, EXEC, SETENV, NOSETENV,
|
||||
|
@@ -964,6 +964,41 @@ privilege set associated with a command.
|
||||
If privileges or limit privileges are specified with the command
|
||||
it will override any default values specified in
|
||||
\fIsudoers\fR.
|
||||
.PP
|
||||
A privilege set is a comma-separated list of privilege names.
|
||||
The
|
||||
ppriv(1)
|
||||
command can be used to list all privileges known to the system.
|
||||
For example:
|
||||
.nf
|
||||
.sp
|
||||
.RS 0n
|
||||
$ ppriv -l
|
||||
.RE
|
||||
.fi
|
||||
.PP
|
||||
In addition, there are several
|
||||
``special''
|
||||
privilege strings:
|
||||
.TP 10n
|
||||
none
|
||||
the empty set
|
||||
.TP 10n
|
||||
all
|
||||
the set of all privileges
|
||||
.TP 10n
|
||||
zone
|
||||
the set of all privileges available in the current zone
|
||||
.TP 10n
|
||||
basic
|
||||
the default set of privileges normal users are granted at login time
|
||||
.PP
|
||||
Privileges can be excluded from a set by prefixing the privilege
|
||||
name with either an
|
||||
`\&!'
|
||||
or
|
||||
`\-'
|
||||
character.
|
||||
.SS "Tag_Spec"
|
||||
A command may have zero or more tags associated with it.
|
||||
There are
|
||||
|
@@ -911,6 +911,36 @@ privilege set associated with a command.
|
||||
If privileges or limit privileges are specified with the command
|
||||
it will override any default values specified in
|
||||
.Em sudoers .
|
||||
.Pp
|
||||
A privilege set is a comma-separated list of privilege names.
|
||||
The
|
||||
.Xr ppriv 1
|
||||
command can be used to list all privileges known to the system.
|
||||
For example:
|
||||
.Bd -literal
|
||||
$ ppriv -l
|
||||
.Ed
|
||||
.Pp
|
||||
In addition, there are several
|
||||
.Dq special
|
||||
privilege strings:
|
||||
.Bl -tag -width 8n
|
||||
.It none
|
||||
the empty set
|
||||
.It all
|
||||
the set of all privileges
|
||||
.It zone
|
||||
the set of all privileges available in the current zone
|
||||
.It basic
|
||||
the default set of privileges normal users are granted at login time
|
||||
.El
|
||||
.Pp
|
||||
Privileges can be excluded from a set by prefixing the privilege
|
||||
name with either an
|
||||
.Ql \&!
|
||||
or
|
||||
.Ql \-
|
||||
character.
|
||||
.Ss Tag_Spec
|
||||
A command may have zero or more tags associated with it.
|
||||
There are
|
||||
|
Reference in New Issue
Block a user