Commands Reference, Volume 3

mkrole Command

Purpose

Creates new roles. This command applies only to AIX 4.2.1 and later.

Syntax

mkrole [ Attribute=Value ... ] Name

Description

The mkrole command creates a new role. The Name parameter must be a unique role name. You cannot use the ALL or default keywords as the role name.

You can use the Users application in Web-based System Manager (wsm) to change user characteristics. You could also use the System Management Interface Tool (SMIT) to run this command.

Restrictions on Creating Role Names

To prevent inconsistencies, you should restrict role names to characters with the POSIX portable filename character set. You cannot use the keywords ALL or default as a role name. Additionally, do not use any of the following characters within a role-name string:

:	Colon
"	Double quote
#	Pound sign
,	Comma
=	Equal sign
\	Back slash
/	Slash
?	Question mark
'	Single quote
`	Back quote

Finally, the Name parameter cannot contain any space, tab, or new-line characters.

Mode	File
rw	/etc/security/roles
r	/etc/security/user.roles

Auditing Events:

Event	Information
ROLE_Create	role

Example

To create the ManageObjects role and set the groups attribute to objects, enter:

mkrole groups=objects ManageObjects

Files

/etc/security/roles	Contains the attributes of roles.
/etc/security/user.roles	Contains the role attribute of users.

Related Information

The chrole command, chuser command, lsrole command, lsuser command, mkuser command, rmrole command.

Security Administration in AIX 5L Version 5.1 System Management Concepts: Operating System and Devices.

Administrative Roles Overview in AIX 5L Version 5.1 System Management Concepts: Operating System and Devices.

For information on installing the Web-based System Manager, see Chapter 2: Installation and System Requirements in AIX 5L Version 5.1 Web-based System Manager Administration Guide.