Contains the user access control list (ACL) definitions for the System Management Interface Tool (SMIT).
The /etc/security/smitacl.user file contains the ACL definitions for SMIT. This is an ASCII file that contains a stanza for each system user. Each stanza is identified by a user name followed by a : (colon) and contains attributes in the form Attribute=Value. Each attribute pair ends with a newline character as does each stanza.
The file supports a default stanza. If an attribute is not defined, either the default stanza or the default value for the attribute is used.
A stanza contains the following attributes:
Attribute | Description |
---|---|
screens | Describes the list of SMIT
screens for the user. (It is of
the type SEC_LIST.) Examples include:
|
funcmode | Describes if the
role database and/or SMIT ACL database should
be used to determine accessibility. It also describes how to combine
the screens data from the two databases. (It is of the type SEC_CHAR.) Examples include:
The defined values for funcmode are:
|
For a typical stanza, see the "Examples" section . This file may viewed with the lssec command and modified with the chsec command.
The screen names specified in the screens attribute are SMIT fastpath values. Many SMIT fastpath values can be found in the commands documentation. The smit command may also be used to determine the fastpath of the current screen. Please see the smit command for more information.
Access Control: This file grants read and write access to the root user, and read access to members of the security group.
pwduser:
funcmode = roles+acl
screens = users,passwd
bkupuser:
screens = mksysb
Item | Description |
---|---|
/etc/security/roles | Contains the list of valid roles. |
/etc/security/user.roles | Contains the list of roles for each user. |
/etc/security/smitacl.group | Contains the group ACL definitions. |
/etc/security/smitacl.user | Contains the user ACL definitions. |