Since you know you will be on a Solaris 10 host, use RBAC instead of sudo.

/usr/bin/cp -f /etc/security/prof_attr /etc/security/prof_attr.bak
/usr/bin/cp -f /etc/security/exec_attr /etc/security/exec_attr.bak
/usr/bin/echo "Pool Management:::Resource pool management profile:help=RtPoolMgmt.html" >> /etc/security/prof_attr /usr/bin/echo "Pool Management:suser:cmd:::/usr/sbin/pooladm:euid=0" >> /etc/security/exec_attr /usr/bin/echo "Pool Management:suser:cmd:::/usr/sbin/poolcfg:euid=0" >> /etc/security/exec_attr

/usr/sbin/usermod -P "Pool Management,Project Management,Zone Management" username

That will give the username the ability to control projects, pools, and zones.

Mike


Andrew Dishong wrote:


Does anyone have a pointer to information on using sudo and zone administration/creation? I saw some blurbs that this can be accomplished but nothing specific, we have a customer looking for any reference to being able to admin and create zones without using root, sudo seemed to be a logical choice, thanks Andy
---
Andrew Dishong: Solutions Architect Dayton, Ohio - JPMC WIN Team
Email: [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>
Accessline: 877-226-8297
Page: [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>
IM: softvtwin03
http://webhome.central/adishong Blog: http://blogs.sun.com/adishong




------------------------------------------------------------------------

_______________________________________________
zones-discuss mailing list
[EMAIL PROTECTED]
_______________________________________________
zones-discuss mailing list
[EMAIL PROTECTED]

Reply via email to