privsh.5 (2010 09)
p
privsh(5) privsh(5)
NAME
privsh - overview of various privileged system shells
SYNOPSIS
Privileged POSIX Shell
privsh [+-aefhikmnoprstuvx
][+-o option ]... [
-c string ][arg]...
Privileged Korn Shell
privksh [+-aefhikmnoprstuvx
][+-o option ]... [
-c string ][arg]...
Privileged C Shell
privcsh [-cefinstvxTVX
][command_file ][argument_list]...
DESCRIPTION
HP-UX RBAC (Role-Based Access Control) provides the
privrun command which invokes another
application with privileges after performing appropriate authorization checks and optionally re-
authenticating the user.
Privileged shells are provided for transparently invoking privrun-wrapped user commands.
The privileged shell is a wrapper which invokes
privrun -x if the command to be executed is defined
in the RBAC database file,
/etc/rbac/cmd_priv
. The authorizations of the caller will be examined
according to the information in related RBAC database files.
If the command is not defined in the
/etc/rbac/cmd_priv
database file, then it will be executed as in
the original shell without the wrapper.
Privileged Shells
The HP-UX RBAC supports the following privileged shells:
To obtain: Use the command:
privileged POSIX Shell /usr/bin/privsh ...
privileged Korn Shell /usr/bin/privksh ...
privileged C Shell /usr/bin/privcsh ...
These shells can also be the default invocation, depending on the entry in the /etc/passwd file. See
also chsh (1).
privrun Options
No options to
privrun are specified when it is used to invoke applications from within the privileged
shells. See also privrun (1M).
SEE ALSO
sh(1), privrun(1M), rbac(5).
HP-UX 11i Version 3: September 2010 − 1 − Hewlett-Packard Company 1