create_dz_command

Use the create_dz_command command to create a new UNIX privileged command in the currently selected zone.

Syntax

create_dz_command dzc cmd ?desc? ?form? ?dzdo_runas? ?dzsh_runas? ?flags? ?pri? ?umask? ?path? ?selinux_role? ?selinux_type?

Options

This command takes no options.

Arguments

This command takes the following arguments:

Argument Type Description

name

string

Required. Specifies the name to assign to the new UNIX command.

command

string

Required. Specifies the UNIX command string or strings. You can use wild cards or a regular expression.

description

string

Optional. Specifies text describing the UNIX command.

form

integer

Optional. Specifies whether the command and path strings use wild cards (0) or a regular expression (1).

dzdo_runas

string

Optional. Specifies the list of users and groups that can run this command under dzdo (similar to sudo). Users can be listed by user name or UID.

selinux_role

string

Optional. Specifies the SELinux role to use when constructing a new security context for command execution.

Note that selinux_role is only supported on Red Hat Enterprise Linux systems and effective only on systems with SELinux enabled and joined to a hierarchical zone.

selinux_type

string

Optional. Specifies the SELinux type to use when constructing a new security context for command execution.

Note that selinux_type is only supported on Red Hat Enterprise Linux systems and effective only on systems with SELinux enabled and joined to a hierarchical zone.

dzsh_runas

string

Optional. Specifies the list of users and groups that can run this command in the restricted shell environment (dzsh). Users can be listed by user name or UID.

flags

integer

Optional. Specifies an integer that defines a combination of different properties for the command.

For more information about setting this field, see set_dzc_field.

pri

integer

Optional. Specifies the command priority for the restricted shell command object.

For more information about setting this field, see set_dzc_field.

umask

integer

Optional. Specifies an integer that defines who can execute the command.

For more information about setting this field, see set_dzc_field.

path

string

Optional. Specifies the path to the command’s location. You can use wild cards, a regular expression, or one of the following keywords:

  • USERPATH to set to the command path to the equivalent of the Standard user path option.
  • SYSTEMPATH to set to the path to the equivalent of the Standard system path option.
  • SYSTEMSEARCHPATH to set to the path to the equivalent of the System search path option.

If you don’t specify this argument, the default is USERPATH.

Return value

This command returns nothing if it runs successfully.

Examples

create_dz_command testvi vi {Test UNIX command vi} {} {sfapps:perez,cody} {} {16}

Related Tcl library commands

None.