1profiles(1)                      User Commands                     profiles(1)
2
3
4

NAME

6       profiles - print execution profiles for a user
7

SYNOPSIS

9       profiles [-l] [ user ]...
10
11

DESCRIPTION

13       The  profiles command prints on standard output the names of the execu‐
14       tion profiles that have been assigned to you or to the optionally-spec‐
15       ified user or role name. Profiles are a bundling mechanism used to enu‐
16       merate the commands and authorizations needed  to  perform  a  specific
17       function. Along with each listed executable are the process attributes,
18       such as the effective user and group IDs, with which the  process  runs
19       when  started  by  a privileged command interpreter. The profile shells
20       are pfcsh, pfksh, and pfexec. See the pfexec(1) man page. Profiles  can
21       contain other profiles defined in prof_attr(4).
22
23
24       Multiple  profiles  can be combined to construct the appropriate access
25       control. When profiles are assigned, the authorizations  are  added  to
26       the existing set. If the same command appears in multiple profiles, the
27       first occurrence, as determined by the ordering  of  the  profiles,  is
28       used  for  process-attribute settings. For convenience, a wild card can
29       be specified to match all commands.
30
31
32       When  profiles  are  interpreted,  the  profile  list  is  loaded  from
33       user_attr(4).  If  any default profile is defined in /etc/security/pol‐
34       icy.conf (see policy.conf(4)), the list of default profiles  are  added
35       to  the list loaded from user_attr(4). Matching entries in prof_attr(4)
36       provide the authorizations list, and matching entries  in  exec_attr(4)
37       provide the commands list.
38

OPTIONS

40       The following options are supported:
41
42       -l    Lists  the  commands  in  each  profile  followed  by the special
43             process attributes such as user and group IDs.
44
45

EXAMPLES

47       Example 1 Sample Output
48
49
50       The output of the profiles command has the following form:
51
52
53         example% profiles tester01 tester02tester01 : Audit Management, All Commands
54         tester02 : Device Management, All Commands
55         example%
56
57
58
59       Example 2 Using the list Option
60
61         example% profiles -l tester01 tester02tester01 :
62             Audit Management:
63               /usr/sbin/audit          euid=root
64               /usr/sbin/auditconfig    euid=root    egid=sys
65             All Commands:
66               *
67         tester02 :
68             Device Management:
69               /usr/bin/allocate:       euid=root
70               /usr/bin/deallocate:     euid=root
71             All Commands
72               *
73         example%
74
75
76

EXIT STATUS

78       The following exit values are returned:
79
80       0     Successful completion.
81
82
83       1     An error occurred.
84
85

FILES

87       /etc/security/exec_attr
88
89
90       /etc/security/prof_attr
91
92
93       /etc/user_attr
94
95
96       /etc/security/policy.conf
97

ATTRIBUTES

99       See attributes(5) for descriptions of the following attributes:
100
101
102
103
104       ┌─────────────────────────────┬─────────────────────────────┐
105       │      ATTRIBUTE TYPE         │      ATTRIBUTE VALUE        │
106       ├─────────────────────────────┼─────────────────────────────┤
107       │Availability                 │SUNWcsu                      │
108       └─────────────────────────────┴─────────────────────────────┘
109

SEE ALSO

111       auths(1), pfexec(1), roles(1), getprofattr(3SECDB), exec_attr(4),  pol‐
112       icy.conf(4), prof_attr(4), user_attr(4), attributes(5)
113
114
115
116SunOS 5.11                        11 Feb 2000                      profiles(1)