Creates new roles. This command applies only to AIX 4.2.1 and later.
mkrole [ Attribute=Value ... ] Name
The mkrole command creates a new role. The Name parameter must be a unique role name. You cannot use the ALL or default keywords as the role name.
You can use the Users application in Web-based System Manager to change user characteristics. You could also use the System Management Interface Tool (SMIT) to run this command.
To prevent inconsistencies, restrict role names to characters with the POSIX portable filename character set. You cannot use the keywords ALL or default as a role name. Additionally, do not use any of the following characters within a role-name string:
: | Colon |
" | Double quotation mark |
# | |
, | Comma |
= | Equal sign |
\ | Backslash |
/ | Slash |
? | Question mark |
' | Single quotation mark |
` | Back quotation mark |
Finally, the Name parameter cannot contain any space, tab, or new-line characters.
To ensure the integrity of the role information, only users with the RoleAdmin authorization can create a role.
Attribute=Value | Initializes a role attribute. Refer to the chrole command for the valid attributes and values. |
Files Accessed:
Mode | File |
---|---|
rw | /etc/security/roles |
r | /etc/security/user.roles |
Auditing Events:
Event | Information |
---|---|
ROLE_Create | role |
To create the ManageObjects role and set the groups attribute to objects, type:
mkrole groups=objects ManageObjects
/etc/security/roles | Contains the attributes of roles. |
/etc/security/user.roles | Contains the role attribute of users. |
The chrole command, chuser command, lsrole command, lsuser command, mkuser command, rmrole command.
For more information about the identification and authentication of users, discretionary access control, the trusted computing base, and auditing, refer to the AIX 5L Version 5.2 Security Guide.
Administrative Roles Overview in AIX 5L Version 5.2 Security Guide.
For information on installing the Web-based System Manager, see Chapter 2: Installation and System Requirements in AIX 5L Version 5.2 Web-based System Manager Administration Guide.