24 DESCRIPTION
25 The pfexec program is used to execute commands with the attributes
26 specified by the user's profiles in the exec_attr(4) database. It is
27 invoked by the profile shells, pfsh, pfcsh, and pfksh which are linked
28 to the Bourne shell, C shell, and Korn shell, respectively.
29
30
31 Profiles are searched in the order specified in the user's entry in the
32 user_attr(4) database. If the same command appears in more than one
33 profile, the profile shell uses the first matching entry.
34
35
36 The second form, pfexec -P privspec, allows a user to obtain the
37 additional privileges awarded to the user's profiles in prof_attr(4).
38 The privileges specification on the commands line is parsed using
39 priv_str_to_set(3C). The resulting privileges are intersected with the
40 union of the privileges specified using the "privs" keyword in
41 prof_attr(4) for all the user's profiles and added to the inheritable
42 set before executing the command.
43
44 USAGE
45 pfexec is used to execute commands with predefined process attributes,
46 such as specific user or group IDs.
47
48
49 Refer to the sh(1), csh(1), and ksh(1) man pages for complete usage
50 descriptions of the profile shells.
51
52 EXAMPLES
53 Example 1 Obtaining additional user privileges
54
55 example% pfexec -P all chown user file
56
57
58
59
60 This command runs chown user file with all privileges assigned to the
61 current user, not necessarily all privileges.
62
63
64 EXIT STATUS
65 The following exit values are returned:
66
67 0
68 Successful completion.
69
70
71 1
72 An error occurred.
73
74
75 SEE ALSO
76 csh(1), ksh(1), profiles(1), sh(1), exec_attr(4), prof_attr(4),
77 user_attr(4), attributes(5)
78
79
80
81 March 3, 2003 PFEXEC(1)
|
24 DESCRIPTION
25 The pfexec program is used to execute commands with the attributes
26 specified by the user's profiles in the exec_attr(4) database. It is
27 invoked by the profile shells, pfsh, pfcsh, and pfksh which are linked
28 to the Bourne shell, C shell, and Korn shell, respectively.
29
30
31 Profiles are searched in the order specified in the user's entry in the
32 user_attr(4) database. If the same command appears in more than one
33 profile, the profile shell uses the first matching entry.
34
35
36 The second form, pfexec -P privspec, allows a user to obtain the
37 additional privileges awarded to the user's profiles in prof_attr(4).
38 The privileges specification on the commands line is parsed using
39 priv_str_to_set(3C). The resulting privileges are intersected with the
40 union of the privileges specified using the "privs" keyword in
41 prof_attr(4) for all the user's profiles and added to the inheritable
42 set before executing the command.
43
44
45 For pfexec to function correctly, the pfexecd daemon must be running in
46 the current zone. This is normally managed by the
47 "svc:/system/pfexec:default" SMF service (see smf(5)).
48
49 USAGE
50 pfexec is used to execute commands with predefined process attributes,
51 such as specific user or group IDs.
52
53
54 Refer to the sh(1), csh(1), and ksh(1) man pages for complete usage
55 descriptions of the profile shells.
56
57 EXAMPLES
58 Example 1 Obtaining additional user privileges
59
60 example% pfexec -P all chown user file
61
62
63
64
65 This command runs chown user file with all privileges assigned to the
66 current user, not necessarily all privileges.
67
68
69 EXIT STATUS
70 The following exit values are returned:
71
72 0
73 Successful completion.
74
75
76 1
77 An error occurred.
78
79
80 SEE ALSO
81 csh(1), ksh(1), profiles(1), sh(1), exec_attr(4), prof_attr(4),
82 user_attr(4), attributes(5), smf(5)
83
84
85
86 March 3, 2003 PFEXEC(1)
|