Administrator's Guide
Figure 8-2 Example Operation After Invoking privrun
( )
/
,
Users Roles
Authorizations
Operations Objects
1:1
Cmd
Privs
MANY:MANY MANY:MANY MANY:MANY
/etc/rbac/user_role /etc/rbac/role_auth /etc/rbac/cmd_priv
3
4
via ACPS
via ACPS
Privrun
Process
shell
Command
w
Privileges
Drop all but
defined privs
1
2 5
cmd, args, UID
1. A process, specifically a shell, associated with the user executes privrun with the
goal of executing a target command with elevated privilege.
2. The target command line (command and arguments) is explicitly passed to privrun,
and the UID of the invoking user is implicitly passed by the process context.
3. privrun attempts to find a match (or set of matches) within the
/etc/rbac/cmd_priv database for the specified command line. Each matching
entry also specifies a required authorization (operation, object pair) and the resulting
privileges if the user has the specified authorization.
4. privrun makes a call (for each matching /etc/rbac/cmd_priv entry) to the
ACPS. The HP-UX RBAC back end of the ACPS consults the /etc/rbac/user_role
and /etc/rbac/role_auth databases to determine whether the user has the
specified authorization, and passes this result back to privrun.
5. Assuming that the user associated with the process has the required authorization
specified in the /etc/rbac/cmd_priv database for the requested command,
privrun will drop all privileges except those specified in the
/etc/rbac/cmd_priv entry and execute the requested command. The privrun
command is set to UID=0 and starts with all necessary privileges.
8.4 Planning the HP-UX RBAC Deployment
Follow these planning steps before deploying HP-UX RBAC:
1. Plan roles for users.
2. Plan authorizations for the roles.
3. Plan the authorization-to-command mappings.
The following sections describe these steps in more detail.
8.4 Planning the HP-UX RBAC Deployment 151