Unable to login RBAC User Acct

From: Chris cc (lazyboy_2k@yahoo.com)
Date: Fri May 25 2007 - 14:00:15 EDT

• Next message: Sabrina Tale' \(RM/TEI\): "RE: sunmanagers Digest, Vol 2, Issue 14"
• Previous message: Martin Preßlaber: "project vs pool vs use"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hi,

I have an existing user (psoft) & want to allow this user to only be able to reboot a server, stop and start an application whenever she want. I just finish setting up an RBAC for that user acct (psoft) and able to login as psoft user & reboot the server. However, the issue I encounter is that when I login as root & then su - psoft, I can reboot the machine, but if I telnet into the server and login as psoft, I get the below errors. I already set the password for psoft user acct & I don't what else I am missing in setup. Could someone please help me out? Am I miss-configure RBAC acct?

root@vcs-test-admin #roles psoft
psoftadm

root@vcs-test-admin #profiles psoftadm
Shut
Basic Solaris User
All

root@vcs-test-admin #grep Shut /etc/security/exec_attr
Shut:suser:cmd:::/usr/sbin/shutdown:uid=0

root@vcs-test-admin #grep psoft /etc/passwd
psoft:x:1003:10002:PeopleSoft Test Acct:/export/home/psoft:/bin/bash
psoftadm:x:1000:10002:PeopleSoft Role Acct:/export/home/psoftadm:/bin/pfsh

root@vcs-test-admin #grep psoft /etc/user_attr
psoftadm::::type=role;profiles=Shut
psoft::::type=role;roles=psoftadm

root@vcs-test-admin #telnet localhost
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
login: psoft
Password:
Roles can only be assumed by authorized users
Login incorrect
Connection to localhost closed by foreign host.

root@vcs-test-admin #su - psoft
Sun Microsystems Inc. SunOS 5.10 Generic January 2005
Hello user psoft

psoft@vcs-test-admin #who am i
root pts/2 May 25 10:28 (10.30.230.230)

psoft@vcs-test-admin #/usr/ucb/whoami
psoft

Any helps/suggestions are appreciated.

TIA,
-Chris

       
---------------------------------
Park yourself in front of a world of choices in alternative vehicles.
Visit the Yahoo! Auto Green Center.
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers

• Next message: Sabrina Tale' \(RM/TEI\): "RE: sunmanagers Digest, Vol 2, Issue 14"
• Previous message: Martin Preßlaber: "project vs pool vs use"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 23:41:59 EDT