RBAC-related commands
The following table lists the RBAC-related commands that are provided in the AIX® operating system to manage and use the RBAC framework.
| Command | Description |
|---|---|
| chauth | Modify user-defined authorization attributes |
| chrole | Modify role attributes |
| ckauth | Check the current process for an authorization |
| lsauth | Display user- and system-defined authorization attributes |
| lskst | List the entries in the Kernel Security Tables |
| lspriv | Display the privileges available on the system |
| lsrole | Display role attributes |
| lssecattr | Display security attributes of a command, device, process, or file |
| mkauth | Create a new user-defined authorization |
| mkrole | Create a new role |
| pvi | Privileged file editor |
| rbacqry | Enables RBAC for applications |
| rbactoldif | Output RBAC user-level databases in LDAP-compatible format |
| rmauth | Remove user-defined authorizations |
| rmrole | Remove a role |
| rmsecattr | Remove the definition of security attributes for a command, device, or file |
| rolelist | Display role information for a user or process |
| setkst | Send the entries in the RBAC user-level databases to the Kernel Security Tables |
| setsecattr | Set the security attributes of a command, device, process, or file |
| setsecconf | Modify kernel security flags |
| swrole | Create a new role session |
| tracepriv | Trace the privileges needed by a command to successfully run |