Use the create_role command to create a new role definition in the currently selected zone.
Syntax
create_role name description sysrights pamrights cmdrights allowlocal rsenv visible
Options
This command takes no options.
Arguments
This command takes the following arguments:
| Argument | Type | Description |
|
name |
string |
Required. Specifies the name to assign to the new role. |
|
description |
string |
Specifies the text string that describes the role. |
|
sysrights |
integer |
Specifies the system rights granted to the role. This value is an integer that represents a combination of binary flags, one for each system right. This field is not applicable in classic zones. |
|
pamrights[/zonename] |
string |
Specifies the PAM application rights to add to the currently selected role. If the PAM application right that you want to add is defined in the current zone, the |
|
cmdrights[/zonename] |
string |
Specifies the UNIX command rights to add to the currently selected role. If the UNIX command right that you want to add is defined in the current zone, the |
|
allowlocal |
Boolean |
Specifies whether local users can be assigned to the role. If this argument is specified, local users can be assigned to the role. This argument is only applicable if the zone is a hierarchical zone. |
|
rsenv |
string |
Specifies a restricted shell environment for the role you are creating. This argument is only applicable if the zone is a classic zone. |
|
visible |
Boolean |
Specifies whether the account profiles for Active Directory users in the role are visible on computers in the zone. This argument is only applicable if the zone is a hierarchical zone. |
Return value
This command returns nothing if it runs successfully.
Examples
create_role dba {Database admins - US} 11 {{oracle} {ftp}} {{testvi} {ora-stp}}
Related Tcl library commands
None.
Doc Feedback