RBAC-related commands
The following table lists the RBAC-related commands that are provided in the AIX® operating system to manage and use the RBAC framework.
Command | Description |
---|---|
chauth | Modify user-defined authorization attributes |
chrole | Modify role attributes |
ckauth | Check the current process for an authorization |
lsauth | Display user- and system-defined authorization attributes |
lskst | List the entries in the Kernel Security Tables |
lspriv | Display the privileges available on the system |
lsrole | Display role attributes |
lssecattr | Display security attributes of a command, device, process, or file |
mkauth | Create a new user-defined authorization |
mkrole | Create a new role |
pvi | Privileged file editor |
rbacqry | Enables RBAC for applications |
rbactoldif | Output RBAC user-level databases in LDAP-compatible format |
rmauth | Remove user-defined authorizations |
rmrole | Remove a role |
rmsecattr | Remove the definition of security attributes for a command, device, or file |
rolelist | Display role information for a user or process |
setkst | Send the entries in the RBAC user-level databases to the Kernel Security Tables |
setsecattr | Set the security attributes of a command, device, process, or file |
setsecconf | Modify kernel security flags |
swrole | Create a new role session |
tracepriv | Trace the privileges needed by a command to successfully run |