개요

• 솔라나라에 설명된 어플리케이션에 대해 맨 페이지를 찾아 출력한다.
• MAN 페이지에 대한 설명은 윈디하나의 솔라나라: MAN 페이지을 참고하자.
• svcadm(8)을 검색하려면 섹션에서 8 을 선택하고, 맨 페이지 이름에 svcadm을 입력하고 검색을 누른다.

roles(1)

roles(1)                         User Commands                        roles(1)



NAME
       roles - print roles granted to a user

SYNOPSIS
       roles [ user ]...

DESCRIPTION
       The  command  roles prints on standard output the roles that you or the
       optionally-specified user have been granted. Roles are special accounts
       that correspond to a functional responsibility rather than to an actual
       person (referred to as a normal user).


       Each user may  have  zero  or  more  roles.  Roles  have  most  of  the
       attributes  of  normal  users  and  are identified like normal users in
       passwd(5)  and  shadow(5).  Each  role  must  have  an  entry  in   the
       user_attr(5)  file  that  identifies it as a role. Roles can have their
       own authorizations and profiles. See auths(1) and profiles(1).


       Roles are not allowed to log into a system as a primary user.  Instead,
       a  user  must  log  in using their own account and assume the role. The
       actions of a role are attributable to the normal user. When auditing is
       enabled,  the  audited  events  of the role contain the audit ID of the
       original user who assumed the role.


       A role may not assume itself or any other role. Roles are  not  hierar‐
       chical.  However,  rights  profiles (see prof_attr(5)) are hierarchical
       and can be used to achieve the same effect as hierarchical roles.


       Role assumption can be performed using su(8),  ssh(1),  or  some  other
       service  that  supports  the  PAM_AUSER variable. Successful assumption
       requires both role authentication and membership.  Role  authentication
       can  require either the user's password or the role's password, depend‐
       ing on the setting of the roleauth property in the role's  user_attr(5)
       entry. By default, the role's password is required. Roles are typically
       assigned a profile shell. By convention, a profile shell  is  specified
       by  preceding  the  standard shell's name with pf, for example, pfbash.
       Role assignments are specified in user_attr(5).

EXAMPLES
       Example 1 Sample Output



       The output of the roles command has the following form:


         example% roles tester01 tester02
         tester01 : admin
         tester02 : secadmin, root
         example%


EXIT STATUS
       The following exit values are returned:

       0    Successful completion.


       1    An error occurred.


FILES
       /etc/user_attr


       /etc/security/auth_attr


       /etc/security/prof_attr

ATTRIBUTES
       See attributes(7) for descriptions of the following attributes:


       tab() box; cw(2.75i) |cw(2.75i) lw(2.75i) |lw(2.75i) ATTRIBUTE  TYPEAT‐
       TRIBUTE VALUE _ Availabilitysystem/core-os


SEE ALSO
       auths(1),  pfexec(1),  profiles(1),  ssh(1),  auth_attr(5),  passwd(5),
       prof_attr(5), shadow(5), user_attr(5), attributes(7), rbac(7), su(8)

HISTORY
       The roles command was added in Solaris 8.



Oracle Solaris 11.4               21 Jun 2021                         roles(1)