unixdev.net


Switch to SpeakEasy.net DSL

The Modular Manual Browser

Home Page
Manual: (OSF1-V5.1-alpha)
Page:
Section:
Apropos / Subsearch:
optional field



dop(8)								       dop(8)



NAME

  dop -	Allows a user to execute a privileged program without knowing the
  root password. The dop command also modifies the action database.

SYNOPSIS

  /usr/sbin/dop	[-n  | -N] [ui:] action	[args]

  /usr/sbin/dop	-a priv[,priv]... action [ui:]pathspec[,[ui:]pathspec]...

  /usr/sbin/dop	-a priv[,priv]... [ui:]pathspec

  /usr/sbin/dop	-d  action

  /usr/sbin/dop	[-w  | -W]

OPTIONS

  -n  Invokes a	prompt asking the user if they want to run the command as a
      user or as root. The root	password is required to	run as root.

  -N  Attempts to run the action with the user privileges.

  -a  Adds new actions to the dop database.

  -d  Deletes an existing action from the dop database.

  -w  Writes a binary image without changing the source.

  -W  Updates the actionlist from the dop action file and then executes	the
      -w option, which writes the binary image.

OPERANDS

  action  Name of privileged program to	invoke

  args	  Arguments to pass to the application guarded by the privilege.

  priv	  Comma	separated privilege list (see sysman dopconfig)

  pathspec
	  The fully qualified path name	and arguments for the associated
	  action.

	  When specified by a comma separated pathlist and arguments for mul-
	  tiple	user interface domains (ui:), the first	ui: argument speci-
	  fied is used as the default. If no action is specified, then the
	  path base name is used. A run-time argument replaces the first
	  occurrence of	asterisk as a word (for	example	*) in a	string,	or
	  else they are	ignored. Path arguments	should be quoted per the
	  current shell.

  ui:	  Optional.  A user interface domain, typically	one of X11, suit,
	  java,	menu, cui, or cli.





DESCRIPTION

  The dop (Division of Privileges) command can execute an action after proper
  authentication from the privilege database file. For more information, see
  the Security guide.

RESTRICTIONS

  You must have	root privileges	to modify the privileges database.

EXAMPLES

  The following	example	will add an action to the AccountManagement
  privilege.

       dop -a AccountManagement	adduser_script /usr/sbin/adduser

  The following	example	runs the action	adduser_script for the AccountManage-
  ment privilege.

       dop adduser_script

  The following	example	deletes	the adduser_script action from the action
  database.

       dop -d adduser_script

FILES

  /usr/sbin/dop
      Executable file.

  /usr/sbin/sysman dopconfig
      Executable file for adding or deleting permissions for users and or
      groups.

  /etc/doprc
      dop database.

SEE ALSO

  Commands: sysman(8)