EXEC_ATTR(5) | File Formats and Configurations | EXEC_ATTR(5) |
exec_attr - execution profiles database
/etc/security/exec_attr
/etc/security/exec_attr is a local database that specifies the execution attributes associated with profiles. The exec_attr file can be used with other sources for execution profiles, including the exec_attr NIS map. Programs use the getexecattr(3SECDB) routines to access this information.
The search order for multiple execution profile sources is specified in the /etc/nsswitch.conf file, as described in the nsswitch.conf(5) man page. The search order follows the entry for prof_attr(5).
A profile is a logical grouping of authorizations and commands that is interpreted by a profile shell to form a secure execution environment. The shells that interpret profiles are pfcsh, pfksh, and pfsh. See the pfsh(1) man page. Each user's account is assigned zero or more profiles in the user_attr(5) database file.
Each entry in the exec_attr database consists of one line of text containing seven fields separated by colons (:). Line continuations using the backslash (\) character are permitted. The basic format of each entry is:
name:policy:type:res1:res2:id:attr
name
policy
The solaris and suser policies can coexist in the same exec_attr database, so that Solaris releases prior to the current release can use the suser policy and the current Solaris release can use a solaris policy. solaris is a superset of suser; it allows you to specify privileges in addition to UIDs. Policies that are specific to the current release of Solaris or that contain privileges should use solaris. Policies that use UIDs only or that are not specific to the current Solaris release should use suser.
type
res1
res2
id
To specify arguments, the pathname should point to a shell script that is written to execute the command with the desired argument. In a Bourne shell, the effective UID is reset to the real UID of the process when the effective UID is less than 100 and not equal to the real UID. Depending on the euid and egid values, Bourne shell limitations might make other shells preferable. To prevent the effective UIDs from being reset to real UIDs, you can start the script with the -p option.
#!/bin/sh -p
attr
euid and uid contain a single user name or a numeric user ID. Commands designated with euid run with the effective UID indicated, which is similar to setting the setuid bit on an executable file. Commands designated with uid run with both the real and effective UIDs. Setting uid may be more appropriate than setting the euid on privileged shell scripts.
egid and gid contain a single group name or a numeric group ID. Commands designated with egid run with the effective GID indicated, which is similar to setting the setgid bit on a file. Commands designated with gid run with both the real and effective GIDs. Setting gid may be more appropriate than setting guid on privileged shell scripts.
privs contains a privilege set which will be added to the inheritable set prior to running the command.
limitprivs contains a privilege set which will be assigned to the limit set prior to running the command.
privs and limitprivs are only valid for the solaris policy.
Example 1 Using Effective User ID
The following example shows the audit command specified in the Audit Control profile to execute with an effective user ID of root (0):
Audit Control:suser:cmd:::/usr/sbin/audit:euid=0
/etc/nsswitch.conf
/etc/user_attr
/etc/security/exec_attr
See attributes(7) for descriptions of the following attributes:
ATTRIBUTE TYPE | ATTRIBUTE VALUE |
Availibility | SUNWcsr |
Interface Stability | See below. |
The command-line syntax is Committed. The output is Uncommitted.
Because the list of legal keys is likely to expand, any code that parses this database must be written to ignore unknown key-value pairs without error. When any new keywords are created, the names should be prefixed with a unique string, such as the company's stock symbol, to avoid potential naming conflicts.
The following characters are used in describing the database format and must be escaped with a backslash if used as data: colon (:), semicolon (;), equals (=), and backslash (\).
auths(1), profiles(1), roles(1), sh(1), getauthattr(3SECDB), getexecattr(3SECDB), getprofattr(3SECDB), getuserattr(3SECDB), kva_match(3SECDB), auth_attr(5), prof_attr(5), user_attr(5), attributes(7), privileges(7), makedbm(8)
August 3, 2017 | OmniOS |