- System Administration Guide: Security Services

Q

quoting syntax in BART, Quoting Syntax

R

-R option

bart create

How to Create a Manifest

How to Compare Manifests for the Same System Over Time

ssh command, How to Use Port Forwarding in Solaris Secure Shell

-r option

bart create, How to Compare Manifests for the Same System Over Time

passwd command, Managing Password Information

praudit command, praudit Command

random numbers

dd command, How to Generate a Symmetric Key by Using the dd Command

pktool command, How to Generate a Symmetric Key by Using the pktool Command

raw praudit output format, praudit Command

RBAC

adding custom roles, How to Create a Role From the Command Line

adding new rights profile, How to Create or Change a Rights Profile

adding roles, How to Create and Assign a Role by Using the GUI

adding roles from command line, How to Create a Role From the Command Line

administration commands, Commands That Manage RBAC

audit profiles, Rights Profiles for Administering Auditing

auditing roles, How to Audit Roles

authorization database, auth_attr Database

authorizations, RBAC Authorizations

basic concepts, Solaris RBAC Elements and Basic Concepts

changing role passwords, How to Change the Password of a Role

changing user properties

from command line, How to Change the RBAC Properties of a User

checking scripts or programs for authorizations, How to Add RBAC Properties to Legacy Applications

commands for managing, Commands That Manage RBAC

compared to superuser model, RBAC: An Alternative to the Superuser Model

configuring, Configuring RBAC

database relationships, RBAC Database Relationships

databases, Databases That Support RBAC

editing rights profiles, How to Create or Change a Rights Profile

elements, Solaris RBAC Elements and Basic Concepts

modifying roles, How to Change the Properties of a Role

modifying users, How to Change the RBAC Properties of a User

name services and, RBAC Databases and the Name Service

planning, How to Plan Your RBAC Implementation

profile shells, Profile Shell in RBAC

rights profile database, prof_attr Database

rights profiles, RBAC Rights Profiles

securing scripts, How to Add RBAC Properties to Legacy Applications

using privileged applications, How to Assume a Role in the Solaris Management Console

RC4, See ARCFOUR kernel provider

rcp command

Kerberos and

Overview of Kerberized Commands

Kerberos Commands

rdist command, Kerberos and, Kerberos Commands

read_kt command

How to Display the Keylist (Principals) in a Keytab File

How to Temporarily Disable Authentication for a Service on a Host

read permissions, symbolic mode, File Permission Modes

readable audit record format

converting audit records to

How to View the Contents of Binary Audit Files

praudit Command

realms (Kerberos)

configuration decisions, Planning Kerberos Realms

configuring cross-realm authentication, Configuring Cross-Realm Authentication

contents of, Kerberos Servers

direct, How to Establish Direct Cross-Realm Authentication

hierarchical, How to Establish Hierarchical Cross-Realm Authentication

hierarchical or nonhierarchical, Kerberos Realms

hierarchy, Realm Hierarchy

in principal names, Kerberos Principals

mapping host names onto, Mapping Host Names Onto Realms

names, Realm Names

number of, Number of Realms

requesting tickets for specific, Overview of Kerberized Commands

servers and, Kerberos Servers

reauth_timeout option, SASL and, SASL Options

redirecting arrow (>), preventing redirection, Assigning a Restricted Shell to Users

reducing

audit files

How to Merge Audit Files From the Audit Trail

auditreduce Command

storage-space requirements for audit files, Auditing Efficiently

refreshing, cryptographic services, How to Refresh or Restart All Cryptographic Services

registering providers, cryptographic framework, Plugins to the Solaris Cryptographic Framework

rem_drv command, description, Device Policy Commands

remote logins

authentication, Authentication and Authorization for Remote Access

authorization, Authentication and Authorization for Remote Access

preventing superuser from, How to Restrict and Monitor Superuser Logins

security and, Implementation of Diffie-Hellman Authentication

RemoteForward keyword, ssh_config file, Keywords in Solaris Secure Shell

removing

ACL entries, How to Delete ACL Entries From a File

cryptographic providers

How to Prevent the Use of a User-Level Mechanism

How to Prevent the Use of a Kernel Software Provider

device policy, How to Change the Device Policy on an Existing Device

plugins from KMF, How to Manage Third-Party Plugins in KMF

policy from device, How to Change the Device Policy on an Existing Device

principals with ktremove command, How to Remove a Service Principal From a Keytab File

privileges from basic set, How to Limit a User's or Role's Privileges

privileges from limit set, How to Limit a User's or Role's Privileges

service principal from keytab file, How to Remove a Service Principal From a Keytab File

software providers

permanently

How to Prevent the Use of a Kernel Software Provider

temporarily, How to Prevent the Use of a Kernel Software Provider

renewable ticket, definition, Types of Tickets

replacing, superuser with roles, How to Plan Your RBAC Implementation

replayed transactions, Implementation of Diffie-Hellman Authentication

reporting tool, See bart compare

reports, BART, Basic Audit Reporting Tool (Overview)

required control flag, PAM, How PAM Stacking Works

requisite control flag, PAM, How PAM Stacking Works

resource controls

privileges, and, Privileges and System Resources

project.max-locked-memory, Privileges and System Resources

zone.max-locked-memory, Privileges and System Resources

restarting

audit daemon, How to Update the Auditing Service

cryptographic services, How to Refresh or Restart All Cryptographic Services

ssh service, How to Configure Port Forwarding in Solaris Secure Shell

sshd daemon, How to Configure Port Forwarding in Solaris Secure Shell

restoring, cryptographic providers, How to Prevent the Use of a Kernel Software Provider

restricted shell (rsh), Assigning a Restricted Shell to Users

restricting

superuser task map, Monitoring and Restricting Superuser (Task Map)

user privileges, How to Limit a User's or Role's Privileges

restricting access for KDC servers, How to Restrict Access to KDC Servers

RETRIES in Solaris Secure Shell, Solaris Secure Shell and Login Environment Variables

return audit token, format, return Token

rewoffl option

mt command

tape device cleanup and, Device-Clean Scripts

.rhosts file, description, Solaris Secure Shell Files

RhostsAuthentication keyword, Solaris Secure Shell, Keywords in Solaris Secure Shell

RhostsRSAAuthentication keyword, Solaris Secure Shell, Keywords in Solaris Secure Shell

right, See rights profiles

rights profiles

for auditing service, Rights Profiles for Administering Auditing

changing contents of, How to Create or Change a Rights Profile

changing from command line, How to Create or Change a Rights Profile

contents of typical, Contents of Rights Profiles

creating

in Solaris Management Console, How to Create or Change a Rights Profile

on command line, How to Create or Change a Rights Profile

creating roles for, How to Create and Assign a Role by Using the GUI

databases

See prof_attr database and exec_attr database

description

Solaris RBAC Elements and Basic Concepts

RBAC Rights Profiles

major rights profiles descriptions, Contents of Rights Profiles

methods of creating, How to Create or Change a Rights Profile

modifying, How to Create or Change a Rights Profile

ordering, Order of Rights Profiles

troubleshooting, How to Create or Change a Rights Profile

using the System Administrator profile, How to Require a Password for Hardware Access

viewing contents, Viewing the Contents of Rights Profiles

Rights tool, description, How to Create or Change a Rights Profile

rlogin command

Kerberos and

Overview of Kerberized Commands

Kerberos Commands

rlogind daemon, Kerberos and, Kerberos Daemons

role-based access control, See RBAC

roleadd command

description, Commands That Manage RBAC

using, How to Create a Role From the Command Line

roledel command, description, Commands That Manage RBAC

rolemod command

changing properties of role, How to Change the Properties of a Role

description, Commands That Manage RBAC

roles

adding custom roles, How to Create a Role From the Command Line

adding for particular profiles, How to Create and Assign a Role by Using the GUI

adding from command line, How to Create a Role From the Command Line

assigning privileges to, How to Assign Privileges to a User or Role

assigning with usermod command, How to Assign a Role to a Local User

assuming

How to Assume a Role in a Terminal Window

How to Assume a Role in the Solaris Management Console

assuming after login, RBAC Roles

assuming in a terminal window

Profile Shell in RBAC

How to Assume a Role in a Terminal Window

assuming in Solaris Management Console, How to Assume a Role in the Solaris Management Console

assuming Primary Administrator role, How to Assume a Role in a Terminal Window

assuming root role, How to Assume a Role in a Terminal Window

assuming System Administrator role, How to Assume a Role in a Terminal Window

auditing, How to Audit Roles

changing password of, How to Change the Password of a Role

changing properties of, How to Change the Properties of a Role

creating

Crypto Management role, How to Assign a Role to a Local User

Custom Operator role, How to Create a Role From the Command Line

Device Security role, How to Create and Assign a Role by Using the GUI

DHCP Management role, How to Create and Assign a Role by Using the GUI

for particular profiles, How to Create and Assign a Role by Using the GUI

Network Security role, How to Create and Assign a Role by Using the GUI

on command line, How to Create a Role From the Command Line

Operator role, How to Create and Assign a Role by Using the GUI

role with limited scope, How to Create and Assign a Role by Using the GUI

root role, How to Make root User Into a Role

security-related roles, How to Create and Assign a Role by Using the GUI

System Administrator role, How to Create and Assign a Role by Using the GUI

description, RBAC Roles

determining directly assigned privileges, How to Determine the Privileges That You Have Been Directly Assigned

determining role's privileged commands, How to Determine the Privileged Commands That a Role Can Run

listing local roles

How to Assume a Role in a Terminal Window

Commands That Manage RBAC

making root user into role, How to Make root User Into a Role

modifying, How to Change the Properties of a Role

modifying assignment to a user, How to Create and Assign a Role by Using the GUI

recommended roles, RBAC: An Alternative to the Superuser Model

summary, Solaris RBAC Elements and Basic Concepts

troubleshooting, How to Create and Assign a Role by Using the GUI

use in RBAC, RBAC: An Alternative to the Superuser Model

using an assigned role

How to Assume a Role in a Terminal Window

How to Assume a Role in the Solaris Management Console

using to access the hardware, How to Require a Password for Hardware Access

roles command

description, Commands That Manage RBAC

using, How to Assume a Role in a Terminal Window

root principal, adding to host's keytab, Administering Keytab Files

root role (RBAC), assuming role, How to Assume a Role in a Terminal Window

root user

changing to root role, How to Make root User Into a Role

displaying access attempts on console, How to Restrict and Monitor Superuser Logins

description, Special System Logins

monitoring su command attempts

Limiting and Monitoring Superuser

How to Monitor Who Is Using the su Command

replacing in RBAC, RBAC Roles

restricting access, Restricting root Access to Shared Files

restricting remote access

How to Restrict and Monitor Superuser Logins

tracking logins, Limiting and Monitoring Superuser

RPCSEC_GSS API, Kerberos and, SEAM 1.0 Components

RSA kernel provider, How to List Available Providers

RSAAuthentication keyword, Solaris Secure Shell, Keywords in Solaris Secure Shell

rsh command

Kerberos and

Overview of Kerberized Commands

Kerberos Commands

rsh command (restricted shell), Assigning a Restricted Shell to Users

rshd daemon, Kerberos and, Kerberos Daemons

rstchown system variable, How to Change the Owner of a File

rules file (BART), BART Rules File

rules file attributes, See keywords

rules file format (BART), BART Rules File Format

rules file specification language, See quoting syntax