Classconfig – Brocade Fabric OS Command Reference (Supporting Fabric OS v7.3.0) User Manual

Page 160

background image

130

Fabric OS Command Reference

53-1003131-01

classConfig

2

classConfig

Displays RBAC class permissions.

SYNOPSIS

classconfig --show class_name | -all | -classlist

classconfig --showcli command

classconfig --showroles class_name

classconfig --help

DESCRIPTION

Use this command to display information about role-based access control (RBAC) permissions for one or
all meta-object format (MOF) classes, to display permissions for a specified command, or to display the
permissions for a specified MOF class.

Fabric OS commands are grouped into feature sets called MOF classes. For example, the commands
ldapCfg, passwd, passwdCfg, and userConfig are all related to User Management and are therefore
grouped together under a MOF class called UserManagement.

The pre-defined roles Root, Factory, Admin, User, SwitchAdmin, ZoneAdmin, FabricAdmin,
BasicSwitchAdmin, SecurityAdmin and Operator provide a mechanism for further restricting access to
commands of a certain class by role-specific permissions. For example, a user with the ZoneAdmin role
will have access to the commands under the MOF class Zoning but not to those under the
UserManagement class.

The following RBAC permissions are supported in Fabric OS:

O = observe

OM = observe-modify

N = no access

Note that the MOF class level permissions extend to all commands in that class, but not necessarily to
each and every command option. For example, a command may have the RBAC class permission of
"OM", but a show only option under that command may have the permission "O". At the role level, a
certain role may be excluded from viewing the command information, in which case the permission for
that role would be "N".

NOTES

The execution of this command is subject to Virtual Fabric or Admin Domain restrictions that may be in
place. Refer to Chapter 1, "Using Fabric OS Commands" and Appendix A, "Command Availability" for
details.

OPERANDS

This command has the following optional operand:

--show

Displays RBAC permission information. One of the following operands is required:

class_name or -all

Displays permissions for a single MOF class or for all classes. The output displays
the class name, the CLIs grouped under the specified class, the command
options, and the RBAC class permissions for each command option.

-classlist

Displays an alphabetical listing of all MOF classes supported in Fabric OS.