• Part I
  • sun managers I
• Part D
  • sun managers D
• Part L
  • sun managers L
• Part H
  • sun managers H
• Part B
  • sun managers B
• Part E
  • sun managers E
• Part J
  • sun managers J
• Part F
  • sun managers F
• Part C
  • sun managers C
• Part K
  • sun managers K

Summary (partial): password change with RBAC

I have received 3 responses so far, I write this
partial summary to say that I have tried everything as
said in the doco. Used User Security profile provided
by SUN. Steps taken:
1. User Security:suser:cmd:::/usr/bin/passwd:euid=0
This is already provided by SUN in
/etc/security/exec_attr
2. roleadd -m -P "User Security,All" passman && passwd
passman
3. usermod -R passman testuser
4. login as testuser
login: testuser
Password:
bash-2.03$ su - passman
Password:
$ passwd <user_id>
passwd (SYSTEM): Permission denied
passwd (SYSTEM): Can't change local passwd file
Permission denied
5. Tested profiles
$ profiles
User Security
All
Basic Solaris User

Then Stev send this message
"sandrewz" <sandrewz at yahoo.com>
This has to do with the EUID in one of the RBAC
authentication files under /etc/security/. This has
been fixed under Solaris 9. BTW, I haven't seen this
error posted anywhere, but discovered it myself.

stev

Therefore I have to assume that it's not going to work
in Sol 8. If anyone successfully implemented in Sol 8
I would like to hear from them.

Thanks to
Schneider, Michael (empolis GT)
Casper Dik
and also to Stev.

Regards
Uman
--- UmanS <kedaran0504 at yahoo.com.au> wrote: > Hi
Managers,
>
> We planning to handover unix passwd changes to our
> help desk and I am trying to do it through RBAC. I
> have followed the procedures from this "god send"
> list
> it working for snoop command (as in the SUMMARY) but
> it doesn't work for passwd command. When I test I
> get
> the following answer:
> passwd (SYSTEM): Permission denied
> passwd (SYSTEM): Can't change local passwd file
>
> Has anyone implement this before?. I have a script
> in
> perl to change the password (also from this list)
> but
> that still require root user id.
>
> Any suggestions/ideas welcome.
>
> Thanks
> Uman
>
> http://www.yahoo.promo.com.au/hint/ - Yahoo! Hint
> Dropper
> - Avoid getting hideous gifts this Christmas with
> Yahoo! Hint Dropper!
>

http://www.yahoo.promo.com.au/hint/ - Yahoo! Hint Dropper
- Avoid getting hideous gifts this Christmas with Yahoo! Hint Dropper!

Comments

"sun managers D [Part D]" Sponsored Links

• "sun managers D [Part D]" New Questiones!

  • SUMMARY (partial) slow ftp
  • SUMMARY (incomplete): Sun Solaris DHCP Server v. ISC DHCP Server
  • SUMMARY (2): jumpstart installation of sunfreeware packages
  • Summary (+question): OK -- I yield -- Solaris 8 DHCP client w/ NT DHCP server
  • SUMMARY - Veritas Licence for A5000
  • SUMMARY - Symbolic Links
  • SUMMARY - snmp2
  • Summary - SDS question.
  • SUMMARY - Release TCP/IP PORT
  • SUMMARY - RE: vi :s/r
  • Summary - Re: Solaris 8 printing problem
  • SUMMARY - Re: /home and /usr/home dir
  • SUMMARY - problems adding a metadb back on a slice (long post)
  • SUMMARY Problem with NIS Setup
  • Summary - Partial Sunfire V880 Dynamic Misconfiguration Problem
  • summary NIS
  • SUMMARY - network problem
  • Summary - LX50
  • Summary - High I/O Wait but can't find which process is doing it
  • summary - GCC INSTALL

Copyright © 2008 thatsjava.com • All rights reserved • CMS Theme by WebmasterFund.com - 0.172