Support Center > Search Results > SecureKnowledge Details
How to effectively set user permissions in Gaia OS
Solution

Table of Contents:

  • How to effectively set user permissions in Gaia OS
  • Setting expert mode access permissions in Gaia OS
  • Documentation

 

How to effectively set user permissions in Gaia OS

The Gaia operating system has a granular Role Based Administration (RBA) system.

Each administrator managing the Gaia OS should have his own user account. This user account should be assigned with a Gaia OS role, granting the appropriate permissions to Gaia OS features.

The Gaia pre-defined 'admin' account is assigned with the 'adminRole', which grants full permissions to all features. The 'admin' account should be used by the most privileged administrator since it has ultimate control over the machine.

There are several Gaia OS 'power features', which provide a user (who is permitted to use them via an assigned role) with a privilege level equivalent to that of 'adminRole'.

List of RBA 'power features':

Feature Name in Gaia Portal Feature Name in Clish shell Allowed actions
Users user Change default shell to /bin/bash
Roles rba Assign sensitive roles
Expert Mode expert Run the "expert" command
Expert Password expert-password Change the expert password
Expert Password Hash expert-password-hash Replace expert password hash
Authentication Servers aaa-servers Define an external authentication server
Job Scheduler cron Define a scheduled job
Extended Commands command Define a new Clish command
Display Configuration configuration Show, save and load Gaia OS configuration
Backup backup Create a backup and restore from a backup
Scheduled Backup scheduled_backup Define a scheduled backup
Snapshot snapshot Create a full backup (snapshot) and revert to a full backup (snapshot)
Manage Images manage-image Manage full backups (snapshots) - create, revert
Installation ftw Run First Time Configuration Wizard from Gaia Portal
System Groups group Assign users to groups
config_system ext_config_system Run First Time Configuration Wizard from Clish shell

 

Setting expert mode access permissions in Gaia OS

To effectively block Expert mode access to a user, create a role, which does not include any of features mentioned above and assign that role to the user.

 

Documentation

For further information on configuring Users and Roles in Gaia OS, refer to Gaia Administration Guide (R77 , R80.10 , R80.20 , R80.30) - Chapter 'User Management'.

Give us Feedback
Please rate this document
[1=Worst,5=Best]
Comment