Unable to login server as RBAC user - SUN

This is a discussion on Unable to login server as RBAC user - SUN ; Hi, I have an existing user (psoft) & want to allow this user to only be able to reboot a server, stop and start an application whenever she want. I just finish setting up an RBAC for that user acct ...

+ Reply to Thread
Results 1 to 2 of 2

Thread: Unable to login server as RBAC user

  1. Unable to login server as RBAC user

    Hi,

    I have an existing user (psoft) & want to allow this user to only be
    able to reboot a server, stop and start an application whenever she
    want.
    I just finish setting up an RBAC for that user acct (psoft) and able
    to
    login as psoft user & reboot the server. However, the issue I
    encounter is that when I login as root & then su - psoft, I can reboot
    the
    machine, but if I telnet into the server and login as psoft, I get
    the
    below errors. I already set the password for psoft user acct & I
    don't
    what else I am missing in setup. Could someone please help me out?
    Am I
    miss-configure RBAC acct?

    root@vcs-test-admin #roles psoft
    psoftadm

    root@vcs-test-admin #profiles psoftadm
    Shut
    Basic Solaris User
    All

    root@vcs-test-admin #grep Shut /etc/security/exec_attr
    Shut:suser:cmd:::/usr/sbin/shutdown:uid=0

    root@vcs-test-admin #grep psoft /etc/passwd
    psoft:x:1003:10002:PeopleSoft Test Acct:/export/home/psoft:/bin/bash
    psoftadm:x:1000:10002:PeopleSoft Role
    Acct:/export/home/psoftadm:/bin/pfsh

    root@vcs-test-admin #grep psoft /etc/user_attr
    psoftadm::::type=role;profiles=Shut
    psoft::::type=role;roles=psoftadm

    root@vcs-test-admin #telnet localhost
    Trying 127.0.0.1...
    Connected to localhost.
    Escape character is '^]'.
    login: psoft
    Password:
    Roles can only be assumed by authorized users
    Login incorrect
    Connection to localhost closed by foreign host.


    root@vcs-test-admin #su - psoft
    Sun Microsystems Inc. SunOS 5.10 Generic January 2005
    Hello user psoft

    psoft@vcs-test-admin #who am i
    root pts/2 May 25 10:28

    psoft@vcs-test-admin #/usr/ucb/whoami
    psoft

    Any helps/suggestions are appreciated.

    TIA,
    -Chris


  2. Re: Unable to login server as RBAC user

    On 26 อมส, 00:02, "lazyboy...@yahoo.com" wrote:
    >
    > root@vcs-test-admin #grep psoft /etc/user_attr
    > psoftadm::::type=role;profiles=Shut
    > psoft::::type=role;roles=psoftadm
    >
    > root@vcs-test-admin #telnet localhost
    > Trying 127.0.0.1...
    > Connected to localhost.
    > Escape character is '^]'.
    > login: psoft
    > Password:
    > Roles can only be assumed by authorized users
    > Login incorrect
    > Connection to localhost closed by foreign host.


    You cant login to a role account, it is possible to 'su' to it only.
    Use a normal user account for logining to the host and then do 'su -
    psoft'




+ Reply to Thread