Index Index for
Section 8
Index Alphabetical
listing for D
Bottom of page Bottom of
page		 

dop(8)


NAME

  dop - Allows a user to execute a privileged program without knowing the
  root password. The dop command also modifies the action database.


SYNOPSIS

  /usr/sbin/dop [-n  | -N] [ui:] action [args]

  /usr/sbin/dop -a priv[,priv]... action [ui:]pathspec[,[ui:]pathspec]...

  /usr/sbin/dop -a priv[,priv]... [ui:]pathspec

  /usr/sbin/dop -d  action

  /usr/sbin/dop [-w  | -W]


OPTIONS

  -n  Invokes a prompt asking the user if they want to run the command as a
      user or as root. The root password is required to run as root.

  -N  Attempts to run the action with the user privileges.

  -a  Adds new actions to the dop database.

  -d  Deletes an existing action from the dop database.

  -w  Writes a binary image without changing the source.

  -W  Updates the actionlist from the dop action file and then executes the
      -w option, which writes the binary image.


OPERANDS

  action  Name of privileged program to invoke

  args	  Arguments to pass to the application guarded by the privilege.

  priv	  Comma separated privilege list (see sysman dopconfig)

  pathspec
	  The fully qualified path name and arguments for the associated
	  action.

	  When specified by a comma separated pathlist and arguments for
	  multiple user interface domains (ui:), the first ui: argument
	  specified is used as the default. If no action is specified, then
	  the path base name is used. An asterisk in pathspec is replaced by
	  the user-supplied command line argument at run-time argument. Path
	  arguments should be quoted per the current shell.

  ui:	  Optional.  A user interface domain, typically one of X11, suit,
	  java, menu, cui, or cli.


DESCRIPTION

  The dop (Division of Privileges) command can execute an action after proper
  authentication from the privilege database file. For more information, see
  the Security guide.


NOTES

  By necessity, the dop command must alter the settings of the following
  environment variables:

  PATH	 SYSMANDIR			   TKX_LIBRARY

		       TK_LIBRARY
  IFS	 TCL_LIBRARY   TCLX_LIBRARY	   CTK_LIBRARY

  Only the following environment variables are passed to the executing dop
  action:

  ___________________________________________________________________________
  CTK_DISPLAY

			     LC_MONETARY

						     SYSMANUI
  CTK_LIBRARY					     TCLX_LIBRARY

			     LC_NUMERIC
  DISPLAY		     LC_TIME		     TCL_LIBRARY
			     LOGNAME		     TERM

  JPROTOCOL_VERSION
  LANG			     MAIL		    TKX_LIBRARY
  ___________________________________________________________________________
  LC_ALL		    REAL_USER		     TK_LIBRARY
  LC_COLLATE

			    SYSMANFOCUSDIR

						    _SUIT_SPLASH_SCREEN
  LC_CTYPE		    SYSMANFOCUSHOST	    _SYSMAN_CHILD_PROCESS
  LC_MESSAGES		    SYSMANONCLUSTER	    _SYSMAN_COLORS
  ___________________________________________________________________________


RESTRICTIONS

  You must have root privileges to modify the privileges database.


EXAMPLES

  The following example will add an action to the HardwareManagement
  privilege.

       dop -a HardwareManagement hwmgr_user_script "/usr/sbin/hwmgr *"

  The following example runs the action hwmgr_user_script for the
  HardwareManagement privilege.

       dop hwmgr_user_script

  The following example deletes the hwmgr_user_script action from the action
  database.

       dop -d hwmgr_user_script


FILES

  /usr/sbin/dop
      Executable file.

  /usr/sbin/sysman dopconfig
      Executable file for adding or deleting permissions for users and or
      groups.

  /etc/doprc
      dop database.


SEE ALSO

  Commands: sysman(8)

Index Index for
Section 8
Index Alphabetical
listing for D
Top of page Top of
page