Summary

This chapter looked at RBAC for delegating limited administrative capabilities to nonroot users. It described the features that are inherent with RBAC, which include roles, authorizations, and execution profiles.

This chapter also described the four databases that interact with each other to provide users with access to privileged operations including user_attr, auth_attr, prof_attr, and exec_attr.

Now that you know more about RBAC, the next chapter describes the Solaris Management Console, which provides an easy-to-use GUI for creating and assigning roles and assigning rights to the roles. You will find it much easier to use than the command-line equivalents.