I would create a script that checked if root's password was requested to be changed then make a profile to run the script as root. Just remember to prevent running the script without a parameter since just running passwd as root with no arguments also changes root's password.
________________________________ From: Naveen surisetty <[email protected]> To: [email protected] Sent: Tuesday, August 4, 2009 12:42:54 AM Subject: [sysadmin-discuss] RBAC Profile help?.. I have an sysadmin role, and a profile "user management" assigned to the role. #tail /etc/security/exec_attr ... user management:suser:cmd:::/usr/bin/passwd:uid=0 I just want to restrict the role "sysadmin" not to change "root" password, but grant permission for all other users. How do i configure RBAC profile?. Thanks Naveen -- This message posted from opensolaris.org _______________________________________________ sysadmin-discuss mailing list [email protected] http://mail.opensolaris.org/mailman/listinfo/sysadmin-discuss
_______________________________________________ sysadmin-discuss mailing list [email protected] http://mail.opensolaris.org/mailman/listinfo/sysadmin-discuss
