- 论坛徽章:
- 0
|
Command listing:
----------------
alias - define/display a pseudonym.
allow - set user/group's permissions to SSO application.
allow- - remove user/group's permissions to SSO application.
authorize (auth) - set user/group's permissions to a resource.
authorize- (auth-) - remove user/group's permissions to a resource.
chappl (ca) - change the definition of an SSO application.
check - test a user's access to a resource.
checklogin - test whether a user can logon to a remote host.
chfile (cf) - change a file profile in the eTrust database
chgrp (cg) - change group attributes.
chlogin (cl) - change a user's login record in the eTrust database.
chres (cr) - change resource attributes.
chusr (cu) - change user attributes.
editappl (ea) - if application nonexistent operates as newappl
if application exists operates as chappl
editfile (ef) - if file nonexistent operates as newfile
if file exists operates as chfile
editgrp (eg) - if group nonexistent operates as newgrp
if group exists operates as chgrp
editlogin (el) - if user nonexistent operates as newlogin
if user exists operates as chlogin
editres (er) - if resource nonexistent operates as newres
if resource exists operates as chres
editusr (eu) - if user nonexistent operates as newusr
if user exists operates as chusr
environment - change the target environment.
find (f) - show a listing of profiles in a class.
help [topic] - show help [concerning topic].
history - show command history information.
hosts [(hosts-list)] - show/set list of target hosts/PMDBs.
join (j) - join a user to a group.
join- (j-) - remove a user from a group.
newappl (na) - add an SSO application definition.
newfile (nf) - add a file profile to the eTrust database
newgrp (ng) - add a new group to the eTrust database.
newlogin (nl) - add a new login information record for a user.
newres (nr) - add a new resource to eTrust database.
newusr (nu) - add a new user to the eTrust database.
rename - change the name of an object to a new name.
rmappl (ra) - remove an SSO application definition.
rmfile (rf) - remove a file profile from the eTrust database
rmgrp (rg) - remove a group from the eTrust database.
rmlogin (rl) - remove a user's login record from the eTrust database.
rmres (rr) - remove a resource from eTrust database.
rmusr (ru) - remove a user from the eTrust database.
ruler - select properties to display in query.
setoptions (so) - set/show eTrust database options.
showappl (sa) - list an SSO application.
showfile (sf) - list a file from the eTrust database.
showgrp (sg) - list a group from the eTrust database.
showres (sr) - list a resource.
showusr (su) - list a user from the eTrust database.
source - read commands from a file.
unalias - remove a pseudonym defined by alias.
For a specific command - type 'help command-name'
To list possible access values - type 'help access'
For a short description of a specific eTrust class - type 'help class-name'
For a list of the available classes - type 'find'
For a list of lineediting options - type 'help lineedit'
eTrust> help alias
alias [alias-name [alias-value]]
If no parameter is specified a list of all aliases defined is displayed.
If alias-name is specified but alias-value is not specified, the value
for the specified alias is displayed.
If alias-name is specified as well as alias-value the alias-name is
defined as a pseudonym for alias-value.
Aliases are not expanded in value strings; e.g say you defined an
alias newterm by "alias newterm newres terminal", the string newterm
will be replaced with "newres terminal", whenever used in a context where
a command name or a property name should be specified. If you issue
for example "newterm newterm owner(nobody)" then the first newterm will
be replaced but the second will not.
Aliases can also appear instead of property names; e.g you can use
"alias acc access" and then issue "authorize file x uid(y) acc(z)"
Alias parameters:
-----------------
Aliases can be defined with parameters, these parameters will be
inserted in the string replacing alias-name.
e.g if you use "alias newadmin newusr $0 admin" and then issue
newadmin(bob), the command will be interpreted as "newusr bob admin".
NOTE: the string "bob" must be within parenthesis.
There can be up to 10 parameters for each alias ($0-$9).
Using your own set of aliases
-----------------------------
If you have a set of aliases you would like to use in all selang
sessions, define those aliases in the .selangrc file which resides
in your home directory and use selang with the -r option.
eTrust> help allow
{allow} {appl | gappl} application-name
[access( all | execute | none)]
[gid(group-name...)]
[id(user-name... | group-name...)]
[uid({user-name...|*})]
or:
{allow- | al-} {appl | gappl} application-name
[gid(group-name...)]
[id(user-name... | group-name...)]
[uid({user-name...|*})]
eTrust> help allow-
{allow} {appl | gappl} application-name
[access( all | execute | none)]
[gid(group-name...)]
[id(user-name... | group-name...)]
[uid({user-name...|*})]
or:
{allow- | al-} {appl | gappl} application-name
[gid(group-name...)]
[id(user-name... | group-name...)]
[uid({user-name...|*})]
eTrust> help authorize
{authorize | auth} class-name profile-name
[uid({user-name...|*})]
[gid(group-name...)]
[access(access-value)]
[via(pgm(program-names...))]
[unix]
or:
{authorize- | auth-} class-name profile-name {uid | gid}(name...) [unix]
or:
{authorize | auth} class-name station-name
service(service-name | service-number | service-number-range)
[access(read|none)]
or:
{authorize- | auth-} class-name station-name
service(service-name | service-number | service-range)
or:
{authorize | auth} TCP tcp-service-name
[host(host-name...)]
[ghost(ghost-name...)]
[hostnp(hostnp-name...)]
[hostnet(hostnet-name...)]
[uid({user-name...|*})]
[gid(group-name...)]
[access(read | none | write)]
or:
{authorize- | auth-} TCP tcp-service-name
[host(host-name...)]
[ghost(ghost-name...)]
[hostnp(hostnp-name...)]
[hostnet(hostnet-name...)]
[uid({user-name...|*})]
[gid(group-name...)]
or:
{authorize | auth} WAC-class-name resource-name
[user_attr(user-attribute)]
[attr_va(attribute-val)]
{user_dir(user-directory)}
{access(WAC-access)}
{response_yes(granted-response)}
{response_no(denied-response)}
For a list of access values, type 'help access'
eTrust> help authorize-
{authorize | auth} class-name profile-name
[uid({user-name...|*})]
[gid(group-name...)]
[access(access-value)]
[via(pgm(program-names...))]
[unix]
or:
{authorize- | auth-} class-name profile-name {uid | gid}(name...) [unix]
or:
{authorize | auth} class-name station-name
service(service-name | service-number | service-number-range)
[access(read|none)]
or:
{authorize- | auth-} class-name station-name
service(service-name | service-number | service-range)
or:
{authorize | auth} TCP tcp-service-name
[host(host-name...)]
[ghost(ghost-name...)]
[hostnp(hostnp-name...)]
[hostnet(hostnet-name...)]
[uid({user-name...|*})]
[gid(group-name...)]
[access(read | none | write)]
or:
{authorize- | auth-} TCP tcp-service-name
[host(host-name...)]
[ghost(ghost-name...)]
[hostnp(hostnp-name...)]
[hostnet(hostnet-name...)]
[uid({user-name...|*})]
[gid(group-name...)]
or:
{authorize | auth} WAC-class-name resource-name
[user_attr(user-attribute)]
[attr_va(attribute-val)]
{user_dir(user-directory)}
{access(WAC-access)}
{response_yes(granted-response)}
{response_no(denied-response)}
For a list of access values, type 'help access'
eTrust> help chappl
{chappl | ca} application-name | (application-names...)
or
{editappl | ea} application-name | (application-names...)
[audit(none | all | success | failure )]
[caption(caption-name) | caption-]
[comment('installation defined data')]
[container | container-]
[defaccess( all | execute | none )]
[disable| disable-]
[gacc(access-value)]
[hidden | hidden-]
[host(host-name) | host-]
[iconfile(iconfile-name) | iconfile-]
[iconid(iconid-number) | iconid-]
[item(application-name ...) | item-(application-name ...)]
[login_type( none | otp | pwd | ticket )]
[master(application-name) | master-]
[mon_file(monitor-file-name)]
[notify(user-name) | notify-]
[owner(user-name or group-name)]
[postcmd(command-name | ; command-names...) | postcmd-]
[precmd(command-name | ; command-names...) | precmd-]
[ptprofile(quoted-string)]
[pwd_autogen | pwd_autogen-]
[pwd_sync | pwd_sync-]
[pwpolicy(policy-name) | pwpolicy-]
[restrictions(days( day-data ) time(hhmm:hhmm | anytime) ) | restrictions-]
day-data: {[mon] [tue] [wed] [thu] [fri] [sat] [sun]} | anyday | weekdays
[script(script-name) | script-]
[sensitive | sensitive-]
[tktkey(ticket-key)]
[tktprofile(ticket-profile)]
[uacc(access-value)]
[warning | warning-]
[cmdline(command line) | cmdline-]
[pgmdir(program directory) | pgmdir-]
help check
eTrust> help check
check class-name resource-name | (resource-names...)
[uid({user-name...|*})]
[access(access-value)]
eTrust> help checklogin
checklogin user-name
[password(user's-password)]
[terminal(login-terminal-name)]
eTrust> help chfile
{chfile | cf} file-name | (file-names...)
or
{editfile | ef} file-name | (file-names...)
[audit(none | all | success | failure)]
[category(category-names...) | category-(category-names...)]
[comment('installation defined data') | comment-]
[defaccess(global-access-value)]
[gowner(group-name)]
[label(seclabel-name) | label-]
[level(seclevel-num) | level-]
[notify(notify-address) | notify-]
[owner(user-name or group-name)]
[restrictions(days( day-data ) time(hhmm:hhmm | anytime) ) | restrictions-]
day-data: {[mon] [tue] [wed] [thu] [fri] [sat] [sun]} | anyday | weekdays
[warning | warning-]
eTrust> help chgrp
{chgrp | cg} group-name | (group-names ...)
or
{editgrp | eg} group-name | (group-names ...)
[audit(none | all | success | failure | loginsuccess | loginfail | trace) | audit-]
[auth_type(authentication-method)]
[auth_type+(authentication-method)]
[auth_type-(authentication-method)]
[comment('installation defined data') | comment- ]
[expire | expire(mm/dd/yy[yy][@hh:mm]) | expire-]
[gowner(group-name)]
[homedir(full-path | nohomedir)]
[inactive(num-inactive-days) | inactive-]
[maxlogins(maximum-number-of-logins) | maxlogins-]
[name('full-name')]
[owner(user-name or group-name)]
[parent(group-name) | parent-]
[password(
[history(number-stored-passwords) | history-]
[interval(maximum-password-change-interval) | interval-]
[min_life(minimum-password-change-interval) | min_life-]
[rules(
[alpha(minimum-alpha-characters)]
[alphanum(minimum-alphanumeric-characters)]
[grace(number-of-grace-logins)]
[min_len(minimum-password-length)]
[max_len(maximum-password-length)]
[lowercase(minimum-lowercase-characters)]
[max_rep(max-repetitive-characters)]
[namechk | namechk-]
[numeric(minimum-numeric-characters)]
[oldpwchk | oldpwchk-]
[special(minimum-special-characters)]
[uppercase(minimum-uppercase-characters)]
)]
[rules-]
)]
[pmdb(PolicyModel-name) | pmdb-]
[pwd_autogen | pwd_autogen-]
[pwd_sync | pwd_sync-]
[restrictions(days( day-data ) time(hhmm:hhmm | anytime) ) | restrictions-]
day-data: {[mon] [tue] [wed] [thu] [fri] [sat] [sun]} | anyday | weekdays
[resume | resume(mm/dd/yy[yy][@hh:mm]) | resume-]
[shellprog(full-path)]
[suspend | suspend(mm/dd/yy[yy][@hh:mm]) | suspend-]
[unix | unix( unix-group-attributes )]
unix-group-attributes :
[appl(quoted-string)]
[groupid(groupid-number)]
[userlist(user-name...)]
eTrust> help chlogin
{chlogin | cl} user-name | (user-names...)
or
{editlogin | el} user-name | (user-names...)
{appl | a} (application-name)
[currpwd(appl-password) | currpwd-]
[grace(user-grace) | grace-]
[loginid(appl-loginname) | loginid-]
[nextpwd(appl-nextpwd) | nextpwd-]
[resetcount]
eTrust> help chres
{chres | cr} class-name resource-name | (resource-names...)
or
{editres | er} class-name resource-name | (resource-names...)
[audit(none | all | success | failure)]
[caption(caption-name) | caption-]
[category(category-names...) | category-(category-names...)]
[comment('installation defined data') | comment-]
[container | container-]
[dates(mm/dd/[yy[yy]][@hh:mm][-mm/dd/[yy[yy]][@hh:mm]]...) |
dates-(mm/dd/[yy[yy]][@hh:mm][-mm/dd/[yy[yy]][@hh:mm]]...)]
[defaccess(global-access-value)]
[disable| disable-]
[flags(trusted-program-flags)]
[flags+(trusted-program-flags)]
[flags-(trusted-program-flags)]
trusted-program-flags:
{[Mtime] [Mode] [Size] [Device] [Inode] [Crc] [Owner] [Group]}
| All | None
[gacc(access-value)]
[gowner(group-name)]
[hidden | hidden-]
[host(host-name) | host-]
[iconfile(iconfile-name) | iconfile-]
[iconid(iconid-number) | iconid-]
[item(application-name ...) | item-(application-name ...)]
[label(seclabel-name) | label-]
[level(seclevel-num) | level-]
[login_type( none | otp | pwd | ticket )]
[mask(inet-address) match(inet-address)]
[master(application-name) | master-]
[mem+(member-names ...) | mem-(member-names...) ]
[notify(notify-address) | notify-]
[owner(user-name or group-name)]
[password | password-]
[postcmd(command-name | ; command-names...) | postcmd-]
[precmd(command-name | ; command-names...) | precmd-]
[pwd_autogen | pwd_autogen-]
[pwd_sync | pwd_sync-]
[pwpolicy(policy-name) | pwpolicy-]
[restrictions(days( day-data ) time(hhmm:hhmm | anytime) ) | restrictions-]
day-data: {[mon] [tue] [wed] [thu] [fri] [sat] [sun]} | anyday | weekdays
[script(script-name) | script-]
[sensitive | sensitive-]
[targuid(user-name)]
[trust | trust-]
[uacc(access-value)]
[warning | warning-]
[agent_type]
[of_resource]
[resaccess]
[resp_list | resp_list+ | resp_list-]
[db_field]
[field_id]
[predef | predef- | predef+]
[user_dir]
[addcategory]
[auth_method]
[base_path]
[cont_format]
[properties]
[user_format]
eTrust> help chusr
{chusr | cu} user-name | (user-names ...)
or
{editusr | eu} user-name | (user-names ...)
[admin | admin-]
[audit(none | all | success | failure | loginsuccess | loginfail | trace) | audit-]
[auditor | auditor-]
[auth_type(authentication-method)]
[auth_type+(authentication-method)]
[auth_type-(authentication-method)]
[category(category-names...) | category-(category-names...)]
[comment('installation defined data') | comment- ]
[country(...)]
[email(email-address)]
[enable]
[expire | expire(mm/dd/yy[yy][@hh:mm]) | expire-]
[gowner(group-name)]
[grace(number-of-grace-logins) | grace-]
[ign_hol | ign_hol-]
[inactive(num-inactive-days) | inactive-]
[interval(maximum-password-change-interval) | interval-]
[label(label-name)| label-]
[level(seclevel-num) | level-]
[location(...)]
[maxlogins(maximum-number-of-logins) | maxlogins-]
[min_life(minimum-password-change-interval) | min_life-]
[name('full-name')]
[notify(notify-address) | notify-]
[operator | operator-]
[organization(name)]
[org_unit(name)]
[owner(user-name or group-name)]
[password(user's temporary password)]
[phone(...)]
[pmdb(PolicyModel-name) | pmdb-]
[profile(group-name) | profile-]
[pwd_autogen | pwd_autogen-]
[pwd_sync | pwd_sync-]
[pwmanager | pwmanager-]
[regular]
[restrictions(days( day-data ) time(hhmm:hhmm | anytime) ) | restrictions-]
day-data: {[mon] [tue] [wed] [thu] [fri] [sat] [sun]} | anyday | weekdays
[resume | resume(mm/dd/yy[yy][@hh:mm]) | resume-]
[server | server-]
[suspend | suspend(mm/dd/yy[yy][@hh:mm]) | suspend-]
[unix | unix( unix-user-attributes )]
unix-user-attributes :
[appl(quoted-string)]
[gecos(quoted-string)]
[homedir(full-path | nohomedir)]
[pgroup(primary-group-name)]
[shellprog(full-path)]
[userid(userid-number)]
eTrust> help editappl
{chappl | ca} application-name | (application-names...)
or
{editappl | ea} application-name | (application-names...)
[audit(none | all | success | failure )]
[caption(caption-name) | caption-]
[comment('installation defined data')]
[container | container-]
[defaccess( all | execute | none )]
[disable| disable-]
[gacc(access-value)]
[hidden | hidden-]
[host(host-name) | host-]
[iconfile(iconfile-name) | iconfile-]
[iconid(iconid-number) | iconid-]
[item(application-name ...) | item-(application-name ...)]
[login_type( none | otp | pwd | ticket )]
[master(application-name) | master-]
[mon_file(monitor-file-name)]
[notify(user-name) | notify-]
[owner(user-name or group-name)]
[postcmd(command-name | ; command-names...) | postcmd-]
[precmd(command-name | ; command-names...) | precmd-]
[ptprofile(quoted-string)]
[pwd_autogen | pwd_autogen-]
[pwd_sync | pwd_sync-]
[pwpolicy(policy-name) | pwpolicy-]
[restrictions(days( day-data ) time(hhmm:hhmm | anytime) ) | restrictions-]
day-data: {[mon] [tue] [wed] [thu] [fri] [sat] [sun]} | anyday | weekdays
[script(script-name) | script-]
[sensitive | sensitive-]
[tktkey(ticket-key)]
[tktprofile(ticket-profile)]
[uacc(access-value)]
[warning | warning-]
[cmdline(command line) | cmdline-]
[pgmdir(program directory) | pgmdir-]
eTrust> help editfile
{chfile | cf} file-name | (file-names...)
or
{editfile | ef} file-name | (file-names...)
[audit(none | all | success | failure)]
[category(category-names...) | category-(category-names...)]
[comment('installation defined data') | comment-]
[defaccess(global-access-value)]
[gowner(group-name)]
[label(seclabel-name) | label-]
[level(seclevel-num) | level-]
[notify(notify-address) | notify-]
[owner(user-name or group-name)]
[restrictions(days( day-data ) time(hhmm:hhmm | anytime) ) | restrictions-]
day-data: {[mon] [tue] [wed] [thu] [fri] [sat] [sun]} | anyday | weekdays
[warning | warning-]
eTrust> help editgrp
{chgrp | cg} group-name | (group-names ...)
or
{editgrp | eg} group-name | (group-names ...)
[audit(none | all | success | failure | loginsuccess | loginfail | trace) | audit-]
[auth_type(authentication-method)]
[auth_type+(authentication-method)]
[auth_type-(authentication-method)]
[comment('installation defined data') | comment- ]
[expire | expire(mm/dd/yy[yy][@hh:mm]) | expire-]
[gowner(group-name)]
[homedir(full-path | nohomedir)]
[inactive(num-inactive-days) | inactive-]
[maxlogins(maximum-number-of-logins) | maxlogins-]
[name('full-name')]
[owner(user-name or group-name)]
[parent(group-name) | parent-]
[password(
[history(number-stored-passwords) | history-]
[interval(maximum-password-change-interval) | interval-]
[min_life(minimum-password-change-interval) | min_life-]
[rules(
[alpha(minimum-alpha-characters)]
[alphanum(minimum-alphanumeric-characters)]
[grace(number-of-grace-logins)]
[min_len(minimum-password-length)]
[max_len(maximum-password-length)]
[lowercase(minimum-lowercase-characters)]
[max_rep(max-repetitive-characters)]
[namechk | namechk-]
[numeric(minimum-numeric-characters)]
[oldpwchk | oldpwchk-]
[special(minimum-special-characters)]
[uppercase(minimum-uppercase-characters)]
)]
[rules-]
)]
[pmdb(PolicyModel-name) | pmdb-]
[pwd_autogen | pwd_autogen-]
[pwd_sync | pwd_sync-]
[restrictions(days( day-data ) time(hhmm:hhmm | anytime) ) | restrictions-]
day-data: {[mon] [tue] [wed] [thu] [fri] [sat] [sun]} | anyday | weekdays
[resume | resume(mm/dd/yy[yy][@hh:mm]) | resume-]
[shellprog(full-path)]
[suspend | suspend(mm/dd/yy[yy][@hh:mm]) | suspend-]
[unix | unix( unix-group-attributes )]
unix-group-attributes :
[appl(quoted-string)]
[groupid(groupid-number)]
[userlist(user-name...)]
eTrust> help editlogin
{chlogin | cl} user-name | (user-names...)
or
{editlogin | el} user-name | (user-names...)
{appl | a} (application-name)
[currpwd(appl-password) | currpwd-]
[grace(user-grace) | grace-]
[loginid(appl-loginname) | loginid-]
[nextpwd(appl-nextpwd) | nextpwd-]
[resetcount]
eTrust> help editres
{chres | cr} class-name resource-name | (resource-names...)
or
{editres | er} class-name resource-name | (resource-names...)
[audit(none | all | success | failure)]
[caption(caption-name) | caption-]
[category(category-names...) | category-(category-names...)]
[comment('installation defined data') | comment-]
[container | container-]
[dates(mm/dd/[yy[yy]][@hh:mm][-mm/dd/[yy[yy]][@hh:mm]]...) |
dates-(mm/dd/[yy[yy]][@hh:mm][-mm/dd/[yy[yy]][@hh:mm]]...)]
[defaccess(global-access-value)]
[disable| disable-]
[flags(trusted-program-flags)]
[flags+(trusted-program-flags)]
[flags-(trusted-program-flags)]
trusted-program-flags:
{[Mtime] [Mode] [Size] [Device] [Inode] [Crc] [Owner] [Group]}
| All | None
[gacc(access-value)]
[gowner(group-name)]
[hidden | hidden-]
[host(host-name) | host-]
[iconfile(iconfile-name) | iconfile-]
[iconid(iconid-number) | iconid-]
[item(application-name ...) | item-(application-name ...)]
[label(seclabel-name) | label-]
[level(seclevel-num) | level-]
[login_type( none | otp | pwd | ticket )]
[mask(inet-address) match(inet-address)]
[master(application-name) | master-]
[mem+(member-names ...) | mem-(member-names...) ]
[notify(notify-address) | notify-]
[owner(user-name or group-name)]
[password | password-]
[postcmd(command-name | ; command-names...) | postcmd-]
[precmd(command-name | ; command-names...) | precmd-]
[pwd_autogen | pwd_autogen-]
[pwd_sync | pwd_sync-]
[pwpolicy(policy-name) | pwpolicy-]
[restrictions(days( day-data ) time(hhmm:hhmm | anytime) ) | restrictions-]
day-data: {[mon] [tue] [wed] [thu] [fri] [sat] [sun]} | anyday | weekdays
[script(script-name) | script-]
[sensitive | sensitive-]
[targuid(user-name)]
[trust | trust-]
[uacc(access-value)]
[warning | warning-]
[agent_type]
[of_resource]
[resaccess]
[resp_list | resp_list+ | resp_list-]
[db_field]
[field_id]
[predef | predef- | predef+]
[user_dir]
[addcategory]
[auth_method]
[base_path]
[cont_format]
[properties]
[user_format]
eTrust> help editusr
{chusr | cu} user-name | (user-names ...)
or
{editusr | eu} user-name | (user-names ...)
[admin | admin-]
[audit(none | all | success | failure | loginsuccess | loginfail | trace) | audit-]
[auditor | auditor-]
[auth_type(authentication-method)]
[auth_type+(authentication-method)]
[auth_type-(authentication-method)]
[category(category-names...) | category-(category-names...)]
[comment('installation defined data') | comment- ]
[country(...)]
[email(email-address)]
[enable]
[expire | expire(mm/dd/yy[yy][@hh:mm]) | expire-]
[gowner(group-name)]
[grace(number-of-grace-logins) | grace-]
[ign_hol | ign_hol-]
[inactive(num-inactive-days) | inactive-]
[interval(maximum-password-change-interval) | interval-]
[label(label-name)| label-]
[level(seclevel-num) | level-]
[location(...)]
[maxlogins(maximum-number-of-logins) | maxlogins-]
[min_life(minimum-password-change-interval) | min_life-]
[name('full-name')]
[notify(notify-address) | notify-]
[operator | operator-]
[organization(name)]
[org_unit(name)]
[owner(user-name or group-name)]
[password(user's temporary password)]
[phone(...)]
[pmdb(PolicyModel-name) | pmdb-]
[profile(group-name) | profile-]
[pwd_autogen | pwd_autogen-]
[pwd_sync | pwd_sync-]
[pwmanager | pwmanager-]
[regular]
[restrictions(days( day-data ) time(hhmm:hhmm | anytime) ) | restrictions-]
day-data: {[mon] [tue] [wed] [thu] [fri] [sat] [sun]} | anyday | weekdays
[resume | resume(mm/dd/yy[yy][@hh:mm]) | resume-]
[server | server-]
[suspend | suspend(mm/dd/yy[yy][@hh:mm]) | suspend-]
[unix | unix( unix-user-attributes )]
unix-user-attributes :
[appl(quoted-string)]
[gecos(quoted-string)]
[homedir(full-path | nohomedir)]
[pgroup(primary-group-name)]
[shellprog(full-path)]
[userid(userid-number)]
eTrust> help environment
Set the environment to which the commands from now on apply.
If this command is not specified, eTrust is the default environment
Type 'help unix' for more about Unix environment.
Type 'help nt' for more about NT environment.
Type 'help native' for more about Native environment.
Type 'env pmd; help' for more about Pmd environment.
eTrust> help find
{find | search | f} [class(class-name) | class-name] [object-name-mask]
eTrust> help help
Subject not found.
eTrust> help history
history
show command history information.
You may use :
^^[string] invoke last command.
^-offset[string] invoke the command issued before offset commands.
^command-number[string] invoke command command-number from history.
^prefix [string] invoke the latest command beginning with prefix.
if string is specified it will be added at the end of the command.
eTrust> help hosts
hosts - to list current hosts for which the commands apply or
hosts (host-names) to set the hosts for which the commands will apply.
The default is the current host.
eTrust> help join
{join | j} user-name | (user-names ...)
group(group-names)
[admin | admin-]
[auditor | auditor-]
[gowner(group-name)]
[operator | operator-]
[owner(user-name or group-name)]
[pwmanager | pwmanager-]
[regular]
[unix]
eTrust> help join-
{join- | j-} user-name group(group-names) [unix]
eTrust> help newappl
{newappl | na} application-name | (application-names...)
[audit(none | all | success | failure )]
[caption(caption-name)]
[comment('installation defined data')]
[container]
[defaccess( all | execute | none )]
[disable| disable-]
[gacc(access-value)]
[hidden]
[host(host-name)]
[iconfile(iconfile-name)]
[iconid(iconid-number)]
[item(application-name ...)]
[login_type( none | otp | pwd | ticket )]
[master(application-name)]
[mon_file(monitor-file-name)]
[notify(user-name)]
[owner(user-name or group-name)]
[postcmd(command-name | ; command-names...)]
[precmd(command-name | ; command-names...)]
[ptprofile(quoted-string)]
[pwd_autogen]
[pwd_sync]
[pwpolicy(policy-name)]
[restrictions(days( day-data ) time(hhmm:hhmm | anytime) )]
day-data: {[mon] [tue] [wed] [thu] [fri] [sat] [sun]} | anyday | weekdays
[script(script-name)]
[sensitive]
[tktkey(ticket-key)]
[tktprofile(ticket-profile)]
[uacc(access-value)]
[warning]
[cmdline(command line) | cmdline-]
[pgmdir(program directory) | pgmdir-]
eTrust> help newfile
{newfile | nf} profile-name | (profile-names...)
[audit(none | all | success | failure )]
[category(category-names...)]
[comment('installation defined data')]
[defaccess(global-access-value)]
[gowner(group-name)]
[label(seclabel-name)]
[level(seclevel-num)]
[notify(notify-address)]
[owner(user-name or group-name)]
[warning]
[restrictions(days( day-data ) time(hhmm:hhmm | anytime) )]
day-data: {[mon] [tue] [wed] [thu] [fri] [sat] [sun]} | anyday | weekdays
eTrust> help newgrp
{newgrp | ng} group-name | (group-names ...)
[audit(none | all | success | failure | loginsuccess | loginfail | trace)]
[auth_type(authentication-method)]
[comment('installation defined data')]
[expire | expire(mm/dd/yy[yy][@hh:mm])]
[gowner(group-name)]
[homedir(full-path | nohomedir)]
[inactive(num-inactive-days)]
[maxlogins(maximum-number-of-logins)]
[name('full-name']
[owner(user-name or group-name)]
[parent(group-name)]
[password(
[history(number-stored-passwords) | history-]
[interval(maximum-password-change-interval) | interval-]
[min_life(minimum-password-change-interval) | min_life-]
[rules(
[alpha(minimum-alpha-characters)]
[alphanum(minimum-alphanumeric-characters)]
[grace(number-of-grace-logins)]
[min_len(minimum-password-length)]
[max_len(maximum-password-length)]
[lowercase(minimum-lowercase-characters)]
[max_rep(max-repetitive-characters)]
[namechk | namechk-]
[numeric(minimum-numeric-characters)]
[oldpwchk | oldpwchk-]
[special(minimum-special-characters)]
[uppercase(minimum-uppercase-characters)]
)]
[rules-]
)]
[pmdb(PolicyModel-name)]
[pwd_autogen]
[pwd_sync]
[restrictions(days( day-data ) time(hhmm:hhmm | anytime) )]
day-data: {[mon] [tue] [wed] [thu] [fri] [sat] [sun]} | anyday | weekdays
[resume | resume(mm/dd/yy[yy][@hh:mm])]
[shellprog(full-path)]
[suspend | suspend(mm/dd/yy[yy][@hh:mm])]
[unix | unix( unix-group-attributes )]
unix-group-attributes :
[appl(quoted-string)]
[groupid(groupid-number)]
[userlist(user-name...)]
eTrust> help newlogin
{newlogin | nl} user-name | (user-names...)
{appl | a} (application-name)]
[currpwd(appl-password)]
[grace(user-grace)]
[loginid(appl-loginname)]
[nextpwd(appl-nextpwd)]
eTrust> help newres
{newres | nr} class-name resource-name | (resource-names...)
[audit(none | all | success | failure )]
[caption(caption-name)]
[category(category-names...)]
[comment('installation defined data')]
[container]
[dates(mm/dd/[yy[yy]][@hh:mm][-mm/dd/[yy[yy]][@hh:mm]])]
[defaccess(global-access-value)]
[disable]
[flags(trusted-program-flags)]
trusted-program-flags:
{[Mtime] [Mode] [Size] [Device] [Inode] [Crc] [Owner] [Group]}
| All | None
[gacc(access-value)]
[gowner(group-name)]
[hidden]
[host(host-name)]
[iconfile(iconfile-name)]
[iconid(iconid-number)]
[item(application-name ...)]
[key(private-encryption-key)]
[label(seclabel-name)]
[level(seclevel-num)]
[login_type( none | otp | pwd | ticket )]
[mask(inet-address) match(inet-address)]
[master(application-name)]
[mem+(member-name ...)]
[notify(notify-address)]
[owner(user-name or group-name)]
[password]
[postcmd(command-name | ; command-names...)]
[precmd(command-name | ; command-names...)]
[pwd_autogen]
[pwd_sync]
[pwpolicy(policy-name)]
[restrictions(days( day-data ) time(hhmm:hhmm | anytime) )]
day-data: {[mon] [tue] [wed] [thu] [fri] [sat] [sun]} | anyday | weekdays
[script(script-name)]
[seclabel(security-label)]
[seclevel(security-level)]
[sensitive]
[targuid(user-name)]
[trust-]
[uacc(access-value)]
[warning]
[agent_type]
[of_resource]
[resaccess]
[resp_list]
[db_field]
[field_id]
[predef]
[user_dir]
[addcategory]
[auth_method]
[base_path]
[cont_formath]
[properties]
[user_format]
eTrust> help newusr
{newusr | nu} user-name | (user-names ...)
[admin]
[audit(none | all | success | failure | loginsuccess | loginfail | trace)]
[auditor]
[auth_type(authentication-method)]
[category(category-names...)]
[comment('installation defined data')]
[country(...)]
[email(email-address)]
[enable]
[expire | expire(mm/dd/yy[yy][@hh:mm])]
[gowner(group-name)]
[grace(number-of-grace-logins)]
[ign_hol]
[inactive(num-inactive-days)]
[interval(maximum-password-change-interval)]
[label(label-name)]
[level(seclevel-num)]
[location(...)]
[min_life(minimum-password-change-interval)]
[maxlogins(maximum-number-of-logins)]
[name('full-name')]
[notify(notify-address)]
[operator]
[organization(name)]
[org_unit(name)]
[owner(user-name or group-name)]
[password(user's temporary password)]
[phone(...)]
[pmdb(PolicyModel-name)]
[profile(group-name)]
[pwd_autogen]
[pwd_sync]
[pwmanager]
[restrictions(days( day-data ) time(hhmm:hhmm | anytime) )]
day-data: {[mon] [tue] [wed] [thu] [fri] [sat] [sun]} | anyday | weekdays
[resume | resume(mm/dd/yy[yy][@hh:mm])]
[server]
[suspend | suspend(mm/dd/yy[yy][@hh:mm])]
[unix | unix( unix-user-attributes )]
unix-user-attributes :
[appl(quoted-string)]
[gecos(quoted-string)]
[homedir(full-path | nohomedir)]
[pgroup(primary-group-name)]
[shellprog(full-path)]
[userid(userid-number)]
eTrust> help rename
rename class-name old-name new-name
The rename command changes an object name, so that it is identified by
the new name only.
eTrust> help rmappl
{rmappl | ra} application-name | (application-names ...)
eTrust> help rmfile
{rmfile | rf} file-name | (file-names ...)
eTrust> help rmgrp
{rmgrp | rg} group-name | (group-names ...)
[unix]
eTrust> help rmlogin
{rmlogin | rl} user-name | (user-names ...)
{appl(application-name)}
eTrust> help rmres
{rmres | rr} class-name profile-name | (profile-names ...)
eTrust> help rmusr
{rmusr | ru} user-name | (user-names ...)
[unix]
eTrust> help ruler
ruler class-name [props(all | list-of-property-names)]
Use the ruler command to select the properties you want to be displayed
for records of a specific class.
Using ruler command without specifying props shows the current ruler
used.
Using props(all) will set the ruler to all important properties in the
specified class.
To specify a property list use the names of the properties in eTrust
database, see eTrust manuals or use [r]dbdump to get a list of the
valid properties for each class.
NOTE: The ruler is a property of the connection, after changing the
target hosts the ruler is no more valid.
eTrust> help setoptions
{setoptions | so}
[{class+|class-}(class-name...)]
class-name can be SECLEVEL, PASSWORD or any valid resource
class in the database.
Use 'list' command to list all classes in the database
[accgrr | accgrr-]
[accpacl | accpacl-]
[cng_adminpwd | cng_adminpwd- ]
[cng_ownpwd | cng_ownpwd- ]
[inactive(num-inactive-days) | inactive-]
[maxlogins(maximum-number-of-logins) | maxlogins-]
[password(
[history(number-stored-passwords) | history-]
[interval(maximum-password-change-interval) | interval-]
[min_life(minimum-password-change-interval) | min_life-]
[rules(
[alpha(minimum-alpha-characters)]
[alphanum(minimum-alphanumeric-characters)]
[grace(number-of-grace-logins)]
[min_len(minimum-password-length)]
[max_len(maximum-password-length)]
[lowercase(minimum-lowercase-characters)]
[max_rep(max-repetitive-characters)]
[namechk | namechk-]
[numeric(minimum-numeric-characters)]
[oldpwchk | oldpwchk-]
[special(minimum-special-characters)]
[uppercase(minimum-uppercase-characters)]
)]
[rules-]
)]
or:
setoptions list
eTrust> help showappl
{showappl | sa} application-name | (application-names...)
eTrust> help showfile
{showfile | sf} [file-name | (file-names...)]
[addprops(list-of-properties)]
[native]
[next]
[nt]
[props(list-of-properties)]
[useprops(list-of-properties)]
[unix]
eTrust> help showgrp
{showgrp | sg} [group-name | (group-names...)]
[addprops(list-of-properties)]
[native]
[next]
[nt]
[props(list-of-properties)]
[useprops(list-of-properties)]
[unix]
eTrust> help showres
{showres | sr} resource-class [resource-name | (resource-names...)]
[addprops(list-of-properties)]
[next]
[props(list-of-properties)]
[useprops(list-of-properties)]
eTrust> help showusr
{showusr | su} [user-name | (user-names...)]
[addprops(list-of-properties)]
[native]
[next]
[nt]
[props(list-of-properties)]
[useprops(list-of-properties)]
[unix | unix groups]
eTrust> help source
source file-name
eTrust> help unalias
unalias alias-name
本文来自ChinaUnix博客,如果查看原文请点:http://blog.chinaunix.net/u/4298/showart_188047.html |
|