|
|
It is possible to assign users the capability of executing
root-only commands without giving them
complete root powers. This is done using the
asroot(ADM)
utility to create a new authorization
associated with the command you wish to assign. You can
then add this authorization to any user.
You can also assign the root subsystem authorization to
permit the use of all commands configured with asroot.
For example, when the shutdown authorization is
assigned assigned to a user, they can execute the shutdown
command like this:
/tcb/bin/asroot shutdown
The procedure for setting up a superuser command for this usage is described in detail in the asroot(ADM) manual page.
See also: