Role based access (UNIX)

Module: Account Integrity

This check reports role based access configurations that do not match those specified in the enabled templates. This check is available on Solaris 8 or later.

The following table lists the error messages for the check.

Table: Error messages for Role based access

Message String ID and Category	Platform and Message Numeric ID	Message Title and Description	Additional Information
String ID: STKU_RBAC_FORBIDDEN_ATTRIB Category: ESM Administrative Information	UNIX (5178)	Title: Forbidden RBAC attribute found Description:The listed RBAC attribute (user, role, or profile) contains a forbidden auth, execution attribute, profile, or role. The type and name of the forbidden attributes are listed in the information field.	Severity: red-4 Correctable: false Snapshot Updatable: false Template Updatable: false Information Field Format: [%s]
String ID: STKU_RBAC_MANDATORY_ATTRIB Category: ESM Administrative Information	UNIX (5179)	Title: Mandatory RBAC attribute not found Description:The listed RBAC attribute (user, role, or profile) does not contain a mandatory auth, execution attribute, profile, or role. The type and name of the mandatory attributes are listed in the information field.	Severity: red-4 Correctable: false Snapshot Updatable: false Template Updatable: false Information Field Format: [%s]
String ID: STKU_RBAC_ABSENT_ATTRIB Category: ESM Administrative Information	UNIX (5180)	Title: RBAC attribute not listed in template Description:The listed RBAC attribute (user, role, profile, auth, or execution attribute) was found on the agent, but is not listed in the template.	Severity: yellow-1 Correctable: false Snapshot Updatable: false Template Updatable: false Information Field Format: [%s]

Message String ID and Category

Platform and Message Numeric ID

Message Title and Description

Additional Information

String ID: STKU_RBAC_FORBIDDEN_ATTRIB

Category: ESM Administrative Information

UNIX (5178)

Title: Forbidden RBAC attribute found

Description:The listed RBAC attribute (user, role, or profile) contains a forbidden auth, execution attribute, profile, or role. The type and name of the forbidden attributes are listed in the information field.

Severity: red-4

Correctable: false

Snapshot Updatable: false

Template Updatable: false

Information Field Format: [%s]

String ID: STKU_RBAC_MANDATORY_ATTRIB

Category: ESM Administrative Information

UNIX (5179)

Title: Mandatory RBAC attribute not found

Description:The listed RBAC attribute (user, role, or profile) does not contain a mandatory auth, execution attribute, profile, or role. The type and name of the mandatory attributes are listed in the information field.

Severity: red-4

Correctable: false

Snapshot Updatable: false

Template Updatable: false

Information Field Format: [%s]

String ID: STKU_RBAC_ABSENT_ATTRIB

Category: ESM Administrative Information

UNIX (5180)

Title: RBAC attribute not listed in template

Description:The listed RBAC attribute (user, role, profile, auth, or execution attribute) was found on the agent, but is not listed in the template.

Severity: yellow-1

Correctable: false

Snapshot Updatable: false

Template Updatable: false

Information Field Format: [%s]