HP-UX Reference (11i v3 07/02) - 1M System Administration Commands N-Z (vol 4)
p
privrun(1M) privrun(1M)
command [args] The HP-UX command to run. command must be fully qualified. If it is not, then
privrun will use the current working directory and the
PATH environment variable
to determine the desired command. args specifies any argument that the command
recognizes.
The cmd_priv Database
The
/etc/rbac/cmd_priv
file contains information on which authorizations are required to execute
each command binary, or edit each file. It also has the resulting privileges (real, effective UID and GID,
fine-grained privileges, compartment) associated with the binary. If the user is required to reauthenticate
prior to successful authorization, a PAM service name is specified in this file and indicates how
privrun
should identify itself to PAM. See pam.conf(4) for more detailed information.
The file contains any number of entries, where each entry is specified on a single line in the following for-
mat:
{command|file}
: arguments
:(operation,object):ruid/euid/rgid/egid : compartment :
privs :
pam-service : flags
These fields are defined as follows:
Field Description
command|file For privrun, the fully qualified path of the command being wrapped to provide
additional privileges.
For privedit, the fully qualified path of a file to edit.
This field may contain wildcards as defined in fnmatch(3C).
arguments The exact set of arguments (matched as a string) the user must invoke. If this field
is empty, the command may not be invoked with any arguments. If this field con-
tains the keyword DFLT, the specified command may be invoked with any argu-
ments. This field is only used by privrun and ignored by privedit.
(operation,object) The operation the user is required to have on the object specified. Together, the
(operation,object) forms the authorization. operation must be fully qualified and
cannot contain a wild card (
*).
An entry of all in object requires that the user has the specified operation on all
objects. (Note: This is satisfied by a specification of (
operation,*) in the
/etc/rbac/role_auth
database if RBAC is in use.)
This field may contain the keyword (
DFLT, DFLT) instead of (operation,
object),
which indicates that no access check is required and the command is invoked with
privilege for any user.
ruid
/euid/rgid/egid Real/Effective UID/GID. Part of the privileges granted to the wrapped command
(process) if the user has the specified authorization. If any of these fields are
specified, privrun calls setresuid or setresgid before invoking the com-
mand. These fields can also be specified by name, in which case a conversion will be
performed at invocation time. This field is only used by privrun and ignored by
privedit.
The UID and GID specifications in this field are optional. No ID present indicates
the field is to remain unchanged; however, the slash (/) characters separating the
IDs must remain.
compartment Compartment to invoke application in. A compartment is an attribute associated
with a process to compartmentalize different OS processes. If compartments are
not enabled on the system, this field should be set to DFLT. An error may occur if
this field is left empty. Refer to compartments(5) for more information on compart-
ments. This field is only used by privrun and ignored by privedit.
privs Fine-grained privileges to be associated with command at invocation. These
privileges may be used in lieu of UID=0 to perform specific kernel operations. If
the field is set to DFLT, basic privileges will be granted to the process. Refer to
privileges(5) for more detailed information. This field is only used by privrun and
ignored by privedit .
164 Hewlett-Packard Company − 2 − HP-UX 11i Version 3: February 2007