Copyright (c) 2004, Sun Microsystems, Inc. All Rights Reserved
The contents of this file are subject to the terms of the Common Development and Distribution License (the "License"). You may not use this file except in compliance with the License.
You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE or http://www.opensolaris.org/os/licensing. See the License for the specific language governing permissions and limitations under the License.
When distributing Covered Code, include this CDDL HEADER in each file and include the License file at usr/src/OPENSOLARIS.LICENSE. If applicable, add the following below this CDDL HEADER, with the fields enclosed by brackets "[]" replaced with your own identifying information: Portions Copyright [yyyy] [name of copyright owner]
auths [ user ]...
The auths command prints on standard output the authorizations that you or the optionally-specified user or role have been granted. Authorizations are rights that are checked by certain privileged programs to determine whether a user may execute restricted functionality.
Each user may have zero or more authorizations. Authorizations are represented by fully-qualified names, which identify the organization that created the authorization and the functionality that it controls. Following the Java convention, the hierarchical components of an authorization are separated by dots (.), starting with the reverse order Internet domain name of the creating organization, and ending with the specific function within a class of authorizations.
An asterisk (*) indicates all authorizations in a class.
A user's authorizations are looked up in user_attr(5) and in the /etc/security/policy.conf file (see policy.conf(5)). Authorizations may be specified directly in user_attr(5) or indirectly through prof_attr(5). Authorizations may also be assigned to every user in the system directly as default authorizations or indirectly as default profiles in the /etc/security/policy.conf file.
Example 1 Sample output
The auths output has the following form:
example% auths tester01 tester02 tester01 : solaris.system.date,solaris.jobs.admin tester02 : solaris.system.* example%
Notice that there is no space after the comma separating the authorization names in tester01.
The following exit values are returned: 0
Successful completion.
An error occurred.
profiles (1), roles (1), getauthattr (3SECDB), auth_attr (5), policy.conf (5), prof_attr (5), user_attr (5), attributes (7)