dop - Allows a user to execute a privileged program without
knowing the root password. The dop command also modifies
the action database.
/usr/sbin/dop [-n | -N] [ui:] action [args]
/usr/sbin/dop -a priv[,priv]... action [ui:]pathspec[,[ui:]pathspec]...
/usr/sbin/dop -a priv[,priv]... [ui:]pathspec
/usr/sbin/dop -d action
/usr/sbin/dop [-w | -W]
Invokes a prompt asking the user if they want to run the
command as a user or as root. The root password is
required to run as root. Attempts to run the action with
the user privileges. Adds new actions to the dop
database. Deletes an existing action from the dop
database. Writes a binary image without changing the
source. Updates the actionlist from the dop action file
and then executes the -w option, which writes the binary
image.
Name of privileged program to invoke Arguments to pass to
the application guarded by the privilege. Comma separated
privilege list (see sysman dopconfig) The fully qualified
path name and arguments for the associated action.
When specified by a comma separated pathlist and
arguments for multiple user interface domains
(ui:), the first ui: argument specified is used as
the default. If no action is specified, then the
path base name is used. An asterisk in pathspec is
replaced by the user-supplied command line argument
at run-time argument. Path arguments should be
quoted per the current shell. Optional. A user
interface domain, typically one of X11, suit, java,
menu, cui, or cli.
The dop (Division of Privileges) command can execute an
action after proper authentication from the privilege
database file. For more information, see the Security
guide.
By necessity, the dop command must alter the settings of
the following environment variables:
PATH SYSMANDIR TK_LIBRARY TKX_LIBRARY
IFS TCL_LIBRARY TCLX_LIBRARY CTK_LIBRARY
Only the following environment variables are passed to the
executing dop action:
----------------------------------------------------------------------------
CTK_DISPLAY
LC_MONETARY SYSMANUI
CTK_LIBRARY TCLX_LIBRARY
LC_NUMERIC
DISPLAY LC_TIME TCL_LIBRARY
JPROTOCOL_VERSION LOGNAME TERM
LANG MAIL TKX_LIBRARY
----------------------------------------------------------------------------
LC_ALL REAL_USER TK_LIBRARY
LC_COLLATE SYSMANFOCUSDIR _SUIT_SPLASH_SCREEN
LC_CTYPE SYSMANFOCUSHOST _SYSMAN_CHILD_PROCESS
LC_MESSAGES SYSMANONCLUSTER _SYSMAN_COLORS
----------------------------------------------------------------------------
You must have root privileges to modify the privileges
database.
The following example will add an action to the HardwareManagement
privilege. dop -a HardwareManagement
hwmgr_user_script "/usr/sbin/hwmgr *"
The following example runs the action hwmgr_user_script
for the HardwareManagement privilege. dop
hwmgr_user_script
The following example deletes the hwmgr_user_script action
from the action database. dop -d hwmgr_user_script
Executable file. Executable file for adding or deleting
permissions for users and or groups. dop database.
Commands: sysman(8)
dop(8)
[ Back ] |