Skip to content

system-cmdPolicy

The following operations can be performed on "system-cmdPolicy":

show| add| set| rm|

show system cmdPolicy

Displays information about all configured system command policies, or about the specified policy.

Synopsis

show system cmdPolicy []

Arguments

policyName Name of the system command policy about which to display information.

Output

action The policy action.

cmdSpec The matching rule that the policy will utilize.

builtin feature The feature to be checked while applying this config

devno count stateflag

add system cmdPolicy

Adds a command policy to the system. A command policy specifies the access rights of the system user. By default, the appliance already has the following policies defined: * operator * read-only * network * superuser

Synopsis

add system cmdPolicy

Arguments

policyName Name for a command policy. Must begin with a letter, number, or the underscore (_) character, and must contain only alphanumeric, hyphen (-), period (.), hash (#), space ( ), at (@), equal (=), colon (:), and underscore characters. Cannot be changed after the policy is created.

CLI Users: If the name includes one or more spaces, enclose the name in double or single quotation marks (for example, "my policy" or 'my policy').

action Action to perform when a request matches the policy.

Possible values: ALLOW, DENY

cmdSpec Regular expression specifying the data that matches the policy.

set system cmdPolicy

Modifies the specified attributes of an existing command policy.

Synopsis

set system cmdPolicy

Arguments

policyName Name of the command policy to be modified.

action Action to perform when a request matches the policy.

Possible values: ALLOW, DENY

cmdSpec Regular expression specifying the data that matches the policy.

rm system cmdPolicy

Removes a command policy from the appliance. Note: You cannot remove command policies that are bound to a system user.

Synopsis

rm system cmdPolicy

Arguments

policyName Name of the command policy to remove.

Was this article helpful?