ROLES(1) User Commands ROLES(1)
NAME
roles - print roles granted to a user
SYNOPSIS
roles [
user ]...
DESCRIPTION
The
roles command prints on standard output the roles that you or the
optionally-specified user have been granted. Roles are special accounts
that correspond to a functional responsibility rather than to an actual
person (referred to as a normal user).
Each user may have zero or more roles. Roles have most of the attributes
of normal users and are identified like normal users in
passwd(5) and
shadow(5). Each role must have an entry in the
user_attr(5) file that
identifies it as a role. Roles can have their own authorizations and
profiles. See
auths(1) and
profiles(1).
Roles are not allowed to log into a system as a primary user. Instead, a
user must first log in as a normal user and assume the role. The actions
of a role are attributable to the normal user. The audited events of the
role contain the audit
ID of the original user who assumed the role.
A role may not assume itself or any other role. Roles are not
hierarchical. However, rights profiles (see
prof_attr(5)) are
hierarchical and can be used to achieve the same effect as hierarchical
roles.
Roles must have valid passwords and one of the shells that interprets
profiles: either
pfcsh,
pfksh, or
pfsh. See
pfexec(1).
Role assumption may be performed using
su(8),
rlogin(1), or some other
service that supports the
PAM_RUSER variable. Successful assumption
requires knowledge of the role's password and membership in the role.
Role assignments are specified in
user_attr(5).
EXAMPLES
Example 1: Sample output
The output of the
roles command has the following form:
example%
roles tester01 tester02 tester01 : admin
tester02 : secadmin, root
example%
EXIT STATUS
The following exit values are returned:
0 Successful completion.
1 An error occurred.
FILES
/etc/user_attr /etc/security/auth_attr /etc/security/prof_attrSEE ALSO
auths(1),
pfexec(1),
profiles(1),
rlogin(1),
auth_attr(5),
passwd(5),
prof_attr(5),
shadow(5),
user_attr(5),
attributes(7),
su(8) January 7, 2018
ROLES(1)