[ Bottom of Page | Previous Page | Next Page | Contents | Index | Library Home | Legal | Search ]

Files Reference

smitacl.group File

Purpose

Contains the group access control list (ACL) definitions for the System Management Interface Tool (SMIT). This system file only applies to AIX 4.2.1 and later.

Description

The /etc/security/smitacl.group file contains the group ACL definitions for SMIT. This is an ASCII file that contains a stanza for each system group. Each stanza is identified by a group name followed by a : (colon) and contains attributes in the form Attribute=Value. Each attribute pair ends with a newline character as does each stanza.

The file supports a default stanza. If an attribute is not defined, either the default stanza or the default value for the attribute is used.

A stanza contains the following attribute:

screens Describes the list of SMIT screens for this group. (It is of the type SEC_LIST.) Examples include:

screens = *                 # Permit all screen access.
screens = !*                # Deny all screen access.
screens =                   # Allows no specific screens
                            # (screens can be added on a per user basis)
screens = user,group,!tcpip # Allow user & group
                            # screens, but not
                            # tcpip screen

For a typical stanza, see the "Examples" section.

Security

Access Control: This file grants read and write access to the root user, and read access to members of the security group.

Examples

  1. A typical stanza looks like the following example for the group called group:
    group:
            screens = *
  2. To allow the mksysb screen only for a member of group called group, add the following stanza:
    default:
            screens = 
    group:
            screens = mksysb

Files

/etc/security/roles Contains the list of valid roles.
/etc/security/user.roles Contains the list of roles for each user.
/etc/security/smitacl.group Contains the group ACL definitions.
/etc/security/smitacl.user Contains the user ACL definitions.

Related Information

The getgrpaclattr subroutine, nextgrpacl subroutine, putgrpaclattr subroutine.

[ Top of Page | Previous Page | Next Page | Contents | Index | Library Home | Legal | Search ]