Command setup for sudo
Some commands need sudo access.
The following table lists the files that are used by the commands. In this table:
- homedirectory is the complete path to a user's home directory. For example, /home/username.
- Shell can be /bin/bsh, /bin/sh, and others.
- profilepath is the complete path to a user's shell initialization file. For example, homedirectory/.profile.
| Command | Files that are used by the command | Operation | Operating System |
|---|---|---|---|
| cat | /var/adm/cron/at.allow /var/adm/cron/ at.deny /var/adm/cron/cron.allow /var/adm/cron/cron.deny |
reconciliation useradd usermod userdel |
AIX |
| /etc/cron.d/at.allow
/etc/cron.d/at.deny /etc/cron.d/cron.allow /etc/cron.d/cron.deny |
reconciliation useradd usermod userdel |
Solaris | |
|
/var/adm/cron/at.allow /var/adm/cron/at.deny /var/adm/cron/cron.allow /var/adm/cron/cron.deny |
reconciliation useradd usermod userdel |
HP-UX-Trusted HP-UX-Nontrusted |
|
|
/etc/at.allow /etc/at.deny /etc/cron.allow /etc/cron.deny |
reconciliation useradd usermod userdel |
Linux | |
| $homedir/.profile
$homedir/.bash_profile $homedir/.bash_login $homedir/.cshrc $homedir/.login |
reconciliation |
HP-UX-Trusted HP-UX-Nontrusted Linux Solaris |
|
| /tcb/files/auth/$usernamefolder/$username,
where $usernamefolder is the first letter of the user name |
reconciliation | HP-UX-Trusted | |
| /etc/passwd | usermod userdel set home directory |
AIX | |
| /etc/passwd | set umask | Linux - NonShadow Linux - Shadow HP-UX-Trusted HP-UX-Nontrusted Solaris |
|
| /etc/passwd | reconciliation | Linux - NonShadow Linux - Shadow HP-UX-Trusted HP-UX-Nontrusted Solaris |
|
| /etc/passwd | set home directory permissions | AIX Linux - NonShadow HP-UX-Trusted HP-UX-Nontrusted Solaris |
|
| /etc/passwd | suspend and restore account and userdel | Linux - NonShadow | |
| /etc/passwd | set password and userdel | HP-UX-Trusted | |
| /etc/passwd | usermod | Linux - NonShadow Linux - Shadow HP-UX-Trusted HP-UX-Nontrusted Solaris |
|
| /etc/passwd | suspend and restore account and userdel |
Linux - Shadow |
|
| /etc/shadow |
reconciliation change password |
Linux - Shadow |
|
| /etc/shadow | reconciliation |
HP-UX-Nontrusted Solaris |
|
| chage | NA | Useradd Usermod |
Linux |
| chgroup | /etc/group/etc/passwd | Group mod | AIX |
| chmod | /var/adm/cron/at.allow /var/adm/cron/at.deny /var/adm/cron/cron.allow /var/adm/cron/cron.deny |
set permissions | AIX HP-UX-Trusted HP-UX-Nontrusted Solaris |
| AIXPConnRes.sh ViosAixPConnRes.sh mkvios.sh |
set permissions | AIX | |
| HPNTrustPConnRes.sh | set permissions | HP-UX-Nontrusted | |
| HPTrustPConnRes.sh
CryptPwd |
set permissions | HP-UX-Trusted | |
| LinuxPConnRes.sh | set permissions | Linux - NonShadow | |
| LinuxShadowPConnRes.sh | set permissions | Linux - Shadow | |
| SolarisPConnRes.sh | set permissions | Solaris | |
| homedirectory Location of temporary files on resource. The default location is /tmp. |
set permissions | AIX Linux - NonShadow Linux - Shadow HP-UX-Trusted HP-UX-Nontrusted Solaris |
|
| /etc/at.allow /etc/at.deny /etc/cron.allow /etc/cron.deny |
useradd usermod |
Linux - NonShadow Linux - Shadow |
|
| chpasswd | /etc/passwd | Set password for LDAP registry | AIX |
| chrole | NA | Role modify | AIX |
| chsec | /etc/security/lastlog | restore account | AIX |
| chuser | homedirectory and shell | usermod | AIX |
| cp Note: CP command not being used by adapter
code for these platforms.
|
/etc/skel/local.cshrc, profilepath | Useradd Usermod |
HP UX (trusted and non-trusted) AIX |
| /etc/csh.cshrc, profilepath | set umask | Linux - NonShadow Linux - Shadow |
|
| echo | NA | Useradd Usermod Suspend Restore Reconciliation |
Linux Solaris AIX |
| ed | profilepath | set umask | Linux - NonShadow Linux - Shadow HP-UX-Trusted HP-UX-Nontrusted Solaris |
| /var/adm/cron/at.allow /var/adm/cron/at.deny /var/adm/cron/cron.allow /var/adm/cron/cron.deny |
useradd usermod userdel |
AIX HP-UX-Trusted HP-UX-Nontrusted Solaris |
|
| /etc/at.allow /etc/at.deny /etc/cron.allow /etc/cron.deny |
useradd usermod userdel |
Linux - NonShadow Linux - Shadow |
|
| faillock | NA | Useradd Usermod Reconcillation Suspend Restore |
Linux |
| faillog | NA | Useradd Usermod Reconcillation Suspend Restore |
Linux |
| fwtmp | /var/adm/wtmp /var/adm/wtmps |
reconciliation | HP-UX-Trusted HP-UX-Nontrusted |
| getprpw/usr/lbin/getprpw | NA | Usermod Suspend Restore |
HP-UX (trusted) |
| grep | /etc/at.allow /etc/at.deny /etc/cron.allow /etc/cron.deny |
reconciliation | Linux - NonShadow Linux - Shadow |
| homedirectory /etc/passwd /etc/shadow /var/adm/cron/at.allow /var/adm/cron/ at.deny /var/adm/cron/cron.allow /var/adm/cron/cron.deny |
Useradd Usermod Userdel Suspend Restore Reconciliation |
AIX | |
| homedirectory /etc/passwd /etc/shadow /etc/cron.d/at.allow /etc/cron.d/at.deny /etc/cron.d/cron.allow /etc/cron.d/cron.deny |
Useradd Usermod Userdel Suspend Restore Reconciliation |
Solaris | |
| homedirectory /etc/passwd /etc/shadow /var/adm/cron/at.allow /var/adm/cron/at.deny /var/adm/cron/cron.allow /var/adm/cron/cron.deny |
Useradd Usermod Userdel Suspend Restore Reconciliation |
HP-UX (trusted and non-trusted) | |
| groups | /etc/group/etc/passwd | Usermod Reconciliation |
Linux AIX |
| groupadd | NA | Add group |
Linux Solaris HP-UX (trusted & non-trusted) |
| groupdel | NA | Delete group |
Linux Solaris HP-UX (trusted & non-trusted) |
| groupmod | NA | Mod group |
Linux Solaris HP-UX (trusted & non-trusted) |
| hostname | NA | reconciliation |
Linux Solaris HP-UX (trusted & non-trusted) AIX |
| kill | NA | Userdel |
Linux Solaris HP-UX (trusted & non-trusted) AIX |
| lastlog | /var/log/lastlog | reconciliation | Linux - NonShadow Linux - Shadow |
| logins | /etc/group/etc/passwd | Suspend Restore Reconciliation |
Linux Solaris HP-UX (trusted & non-trusted) |
| lsgroup | /etc/group/etc/passwd | Groupmod Reconciliation |
AIX |
| ls -la | /etc/SuSE-release /etc/redhat-release /etc/debian_version |
identify operating system | Linux - NonShadow Linux - Shadow |
| /tcb/files/auth/system/default | identify operating system | HP-UX-Trusted | |
| /usr/ios/cli/ios.level | identify operating system | AIX | |
| homedirectory | delete home directory | AIX | |
| profilepath | set umask | Linux - NonShadow Linux - Shadow HP-UX-Trusted HP-UX-Nontrusted Solaris |
|
| /var/adm/cron/at.allow /var/adm/cron/at.deny /var/adm/cron/cron.allow /var/adm/cron/cron.deny |
useradd usermod userdel |
AIX HP-UX-Trusted HP-UX-Nontrusted Solaris |
|
| homedirectory | reconciliation | Linux - NonShadow Linux - Shadow HP-UX-Trusted HP-UX-Nontrusted Solaris |
|
| Location of temporary files on resource. The default location is /tmp. For example, /tmp/AIXPConnRes.sh | reconciliation | AIX Linux - NonShadow Linux - Shadow HP-UX-Trusted HP-UX-Nontrusted Solaris |
|
| /etc/at.allow /etc/at.deny /etc/cron.allow /etc/cron.deny |
useradd usermod userdel |
Linux - NonShadow Linux - Shadow |
|
| lsrole | NA | Reconciliation | AIX |
| lsuser | homedirectory | Add Modify Reconciliation |
AIX |
| mkdir | Location of temporary files on resource. The default location is /tmp. | useradd usermod userdel cat |
AIX HP-UX-Trusted HP-UX-Nontrusted Solaris Linux - NonShadow Linux - Shadow |
| mkgroup | /etc/group/etc/passwd | Groupadd | AIX |
| mkrole | NA | Create role | AIX |
| mkuser | homedirectory | add user with home directory | AIX |
| modprpw/usr/lbin/modprpw | NA | Usermod Suspend Restore |
HP_UX (trusted) |
| mv | homedirectory | move home directory | AIX |
| pam_tally2 | NA | Useradd Usermod Reconcillation Suspend Restore |
Linux |
| passwd | /etc/passwd/etc/shadow | Useradd Usermod Restore |
Linux Solaris HP-UX (trusted & non-trusted) AIX |
| pwdadm | NA | Useradd Usermod Reconciliation |
AIX |
| rmgroup | /etc/group | Groupdel | AIX |
| rm -rf | homedirectory | delete home directory | AIX |
| rmrole | NA | Role delete | AIX |
| rmuser | NA | Userdel | AIX |
| Location of temporary files on resource. The default location is /tmp. | useradd usermod userdel cat |
AIX HP-UX-Trusted HP-UX-Nontrusted Solaris Linux - NonShadow Linux - Shadow |
|
| tee | profilepath | set umask | Linux - NonShadow Linux - Shadow HP-UX-Trusted HP-UX-Nontrusted Solaris |
| /var/adm/cron/at.allow /var/adm/cron/at.deny /var/adm/cron/cron.allow /var/adm/cron/cron.deny |
useradd usermod userdel |
AIX HP-UX-Trusted HP-UX-Nontrusted Solaris |
|
| /etc/at.allow /etc/at.deny /etc/cron.allow /etc/cron.deny |
useradd usermod userdel |
Linux - NonShadow Linux - Shadow |
|
| test | /tcb/files/auth/usernamefolder/username reconScriptLoc (user-specified location on resource for reconscripts) |
reconciliation |
Linux Aix Solaris HP-UX (trusted and non - trusted) |
| useradd | homedirectory | add user with home directory | Linux - NonShadow Linux - Shadow HP-UX-Trusted HP-UX-Nontrusted Solaris |
| userdel | homedirectory | Delete user |
Linux Solaris HP-UX (trusted & non-trusted) |
| usermod | homedirectory and shell | Useradd Usermod |
AIX |
| usermod.sam/usr/sam/lbin/usermod.sam | NA | Useradd Usermod |
HP-UX (trusted & non-trusted) |