Role migration

If an AIX system prior to AIX Version 6.1 is being updated to an AIX enhanced RBAC level via a migration install, migration of the /etc/security/roles file attempts to update the file for the new functionality while maintaining the current role abilities.

Role definitions in the file are preserved and are simply modified to include a unique role ID to allow the role to function properly in the new framework. Any authorizations in the /etc/security/roles file that are not known predefined authorizations are considered user-defined authorizations. During migration, these authorization names are added as entries in the local /etc/security/authorizations authorization database. In addition to migration of the old role definitions, the new predefined roles are appended to the file. After migration, the system administrator must verify that the authorizations and roles are defined as needed for the environment.