When digging into SMF & RBAC, I also had to find my way through the man pages. You may find the following useful : http://learningsolaris.com/archives/2005/04/25/smf_and_rbac/
JC Van Nieuwenhoven On Wed, 2006-03-15 at 22:19, lianep at eng.sun.com wrote: > Doug Schwabauer - Sun Kansas City writes: > > Seeing as how you can use method_credential to start a service as a > > given user, is there a safe/easy/recommended way to make that given user > > capable of enabling/refreshing/disabling that service? Just trying > > svcadm enable/disable service as that user results in "Permission > > Denied". It seems logical that you should be able to allow the user > > that is running the service the capability to modify the service. > > Quick answer: yes, take a look at smf_security(5) -- we're closely > integrated with RBAC. The auth you're looking for is solaris.smf.manage. > > There's a example of using the delegated administration features of SMF > in Glenn Brunette's blueprint: > http://www.sun.com/blueprints/0605/819-2887.pdf > > There's a link on the main SMF community page for future reference too. > > liane > -- > Liane Praza, Solaris Kernel Development > liane.praza at sun.com - http://blogs.sun.com/lianep > > > _______________________________________________ > smf-discuss mailing list > smf-discuss at opensolaris.org This message is for the designated recipient only and may contain privileged, proprietary, or otherwise private information. If you have received it in error, please notify the sender immediately and delete the original. Any other use of the email by you is prohibited.
