<Sysname> system-view
[Sysname] role feature-group name security-features
[Sysname-featuregrp-security-features]
Related commands
display role feature-group
display role feature
feature
rule
Use rule to create or change a user role rule for controlling command, Web menu, XML element, or
MIB node access.
Use undo rule to delete user role rules.
Syntax
rule number { deny | permit } { command command-string | { execute | read | write } * { feature
[ feature-name ] | feature-group feature-group-name | oid oid-string | web-menu [ web-string ] |
xml-element [ xml-string ] } }
undo rule { number | all }
Default
A user-defined user role does not have any rules and cannot access any commands, Web menus,
XML elements, or MIB nodes.
Views
User role view
Predefined user roles
network-admin
Parameters
number: Specifies a rule number in the range of 1 to 256.
deny: Denies access to the specified commands, Web menus, XML elements, or MIB nodes.
permit: Permits access to the specified commands, Web menus, XML elements, or MIB nodes.
command command-string: Specifies a command string. The command string can represent a
command or a group of commands. The command-string argument is a case-sensitive string of 1 to
128 characters, including the following characters:
•
The wildcard asterisk (*).
•
The delimiters space and tab.
•
All printable characters.
execute: Specifies the execute commands, Web menus, XML elements, or MIB nodes. An execute
command (for example, ping), Web menu, XML element, or MIB node executes a specific function
or program.
read: Specifies the read commands, Web menus, XML elements, or MIB nodes. A read command
(for example, display, dir, more, or pwd), Web menu, XML element, or MIB node displays
configuration or maintenance information.
write: Specifies the write commands, Web menus, XML elements, or MIB nodes. A write command
(for example, ssh server enable), Web menu, XML element, or MIB node configures the system.
37