HP-UX Reference (11i v2 07/12) - 1M System Administration Commands N-Z (vol 4)
r
rbacdbchk(1M) rbacdbchk(1M)
NAME
rbacdbchk - verifies the syntax of the Role-Based Access Control (RBAC) database files
SYNOPSIS
rbacdbck [-r | -a |
-u | -R | -c | -x]
DESCRIPTION
rbacdbck verifies that there are no conflicting or inconsistent entries in and amongst the RBAC database
files.
rbacdbck also checks the syntax of the database files and prints messages indicating which lines
contain errors. rbacdbchk returns zero output if no errors are present in the database files.
All the RBAC database files (/etc/rbac/roles
, /etc/rbac/auths
, /etc/rbac/user_role
,
/etc/rbac/role_auth
, and /etc/rbac/cmd_priv)
are verified. See rbac(5) for more informa-
tion on these RBAC database files.
Options
rbacdbchk supports the following options:
-r Checks the /etc/rbac/roles
database.
-a Checks the /etc/rbac/auths
database.
-u Checks the /etc/rbac/user_role
database.
-R Checks the /etc/rback/role_auth
database.
-c Checks the /etc/rbac/cmd_priv
database.
-x Cross reference checks all databases.
EXTERNAL INFLUENCES
Environment Variables
LC_MESSAGES determines the language in which messages are displayed.
International Code Set Support
Single-byte character code set is supported.
RETURN VALUE
0. Success
1. Incorrect syntax
EXAMPLES
The following example finds an error that user John is an invalid user
# rbacdbchk
[/etc/rbac/user_role] John: Administrator
invalid user
The value ’John’ for the Username field is bad.
The following example finds a syntax error, an extra colon (:), at the end of a line:
# rbacdbchk
[/etc/rbac/user_role] root: Administrator:
invalid name: Not alphanumeric
The value ’Administrator:’ for the Rolename field is bad.
[Role in role_auth DB with no assigned user in user_role DB]
Administrator:(hpux.*, *)
The following example finds a field missing:
# rbacdbchk
[/etc/rbac/roles] : my comment
invalid name: <empty>
The value ’’ for the Rolename field is bad.
The following example finds a bad role:
# rbacdbchk
HP-UX 11i Version 2: December 2007 Update − 1 − Hewlett-Packard Company 213