profiles - print execution profiles for a user
profiles [-l] [ user ...]
The profiles command prints on standard output the names of
the execution profiles that have been assigned to you or to
the optionally-specified user or role name. Profiles are a
bundling mechanism used to enumerate the commands and
authorizations needed to peform a specific function. Along
with each listed executable are the process attributes, such
as the effective user and group IDs, with which the process
runs when started by a privileged command interpreter. The
profile shells are pfcsh, pfksh, and pfexec. See the
pfexec(1) man page. Profiles can contain other profiles
defined in prof_attr(4).
Multiple profiles can be combined to construct the appropri-
ate access control. When profiles are assigned, the authori-
zations are added to the existing set. If the same command
appears in multiple profiles, the first occurrence, as
determined by the ordering of the profiles, is used for
process-attribute settings. For convenience, a wild card can
be specified to match all commands.
When profiles are interpreted, the profile list is loaded
from user_attr(4). If any default profile is defined in
/etc/security/policy.conf (see policy.conf(4)), the list of
default profiles will be added to the list loaded from
user_attr(4). Matching entries in prof_attr(4) provide the
authorizations list, and matching entries in exec_attr(4)
provide the commands list.
-l Lists the commands in each profile followed by the
special process attributes such as user and group IDs.
Example 1: Sample output
The output of the profiles command has the following form:
example% profiles tester01 tester02
tester01 : Audit Management, All Commands
tester02 : Device Management, All Commands
Example 2: Using the list option
example% profiles -l tester01 tester02
/usr/sbin/auditconfig euid=root egid=sys
The following exit values are returned:
0 Successful completion.
1 An error occurred.
See attributes(5) for descriptions of the following attri-
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
| Availability | SUNWcsu |
auths(1), pfexec(1), roles(1), getprofattr(3SECDB),
exec_attr(4), policy.conf(4), prof_attr(4), user_attr(4),
Man(1) output converted with