Use adminuser with the -a option to assign commands to users in the TFM database.
To assign a command to a user, perform the following:
Each entry is a command and privilege entry as specified in adminrole(1M). When you assign a command to a user, make sure the user belongs to a group from which the relevant command is accessible. The -n option is only necessary if the user is not already defined in the TFM database.
``Adding a command for a user'' shows how to allow darrell to execute the mount command with privileges.
adminuser darrelldarrell: roles: assistant Commands: <none> #
adminuser -a mount:/etc/mount:mount darrell#
adminuser darrelldarrell: roles: assistant Commands: mount:/etc/mount mount #
Adding a command for a user
The initial adminuser displays the current entries for darrell, in this case the role assistant. The next adminuser adds the command mount for darrell. The first mount is the command alias darrell would use with the tfadmin command.
The second portion, /etc/mount, specifies the full path of the command. Any privileges following the path, in this case mount, are granted to the administrator when executing the command. If darrell did not already exist in the TFM database, you would also need to specify the -n option.
The final adminuser displays all the TFM entries for darrell, at this point the role assistant and the command mount.