[ Bottom of Page | Previous Page | Next Page | Contents | Index | Library Home | Legal | Search ]

Files Reference

smitacl.group File


Contains the group access control list (ACL) definitions for the System Management Interface Tool (SMIT). This system file only applies to AIX 4.2.1 and later.


The /etc/security/smitacl.group file contains the group ACL definitions for SMIT. This is an ASCII file that contains a stanza for each system group. Each stanza is identified by a group name followed by a : (colon) and contains attributes in the form Attribute=Value. Each attribute pair ends with a newline character as does each stanza.

The file supports a default stanza. If an attribute is not defined, either the default stanza or the default value for the attribute is used.

A stanza contains the following attribute:

screens Describes the list of SMIT screens for this group. (It is of the type SEC_LIST.) Examples include:

screens = *                 # Permit all screen access.
screens = !*                # Deny all screen access.
screens =                   # Allows no specific screens
                            # (screens can be added on a per user basis)
screens = user,group,!tcpip # Allow user & group
                            # screens, but not
                            # tcpip screen

For a typical stanza, see the "Examples" section.


Access Control: This file grants read and write access to the root user, and read access to members of the security group.


  1. A typical stanza looks like the following example for the group called group:
            screens = *
  2. To allow the mksysb screen only for a member of group called group, add the following stanza:
            screens = 
            screens = mksysb


/etc/security/roles Contains the list of valid roles.
/etc/security/user.roles Contains the list of roles for each user.
/etc/security/smitacl.group Contains the group ACL definitions.
/etc/security/smitacl.user Contains the user ACL definitions.

Related Information

The getgrpaclattr subroutine, nextgrpacl subroutine, putgrpaclattr subroutine.

[ Top of Page | Previous Page | Next Page | Contents | Index | Library Home | Legal | Search ]