add_command_to_role command to add a privileged UNIX command to the currently selected role that is stored in memory. The command must already exist. You can create privileged UNIX commands using
add_command_to_role command does not change the role as it is stored Active Directory. Running the command changes the role only in memory. You must save the role before the added command takes effect in Active Directory. If you select another role or quit ADEdit before saving the role, any commands you’ve added since the last save won’t take effect.
Classic and hierarchical
This command takes no options.
This command takes the following argument:
Required. Specifies the name of an existing UNIX command to add to the currently selected role.
If the UNIX command right that you want to add is defined in the current zone, the zonename argument is optional. If the UNIX command right is defined in a zone other than the currently selected zone, the zonename argument is required to identify the specific UNIX command right to add.
This command returns nothing if it runs successfully.
This example adds the command
basicshell, defined in the
global zone, to the currently selected role.
Before you use this command, you must have a currently selected role stored in memory. The following commands enable you to view and select a role to work with:
- get_role_commands returns a Tcl list of the UNIX commands for the role.
- new_role creates a new role.
- select_role retrieves a role from Active Directory.
The following commands enable you to work with a currently selected role:
- add_pamapp_to_role adds a PAM application to the role.
- delete_role deletes the selected role from Active Directory and from memory.
- get_role_apps returns a Tcl list of the PAM applications for the role.
- get_role_field reads a field value from the role.
- list_role_rights lists of all privileged commands and PAM application rights for the role.
- remove_command_from_role removes a UNIX command from the role.
- remove_pamapp_from_role removes a PAM application from the role.
- save_role saves the selected role with its current settings to Active Directory.
- set_role_field sets a field value in the role.