Super - HP 6125XLG Command Reference Manual

Rule
Do not include the vertical bar (|),
greater-than sign (>), or double
greater-than sign (>>) when you
specify display commands in a
user role command rule.
Examples
# Permit the user role role1 to execute the display acl command.
<Sysname> system-view
[Sysname] role name role1
[Sysname-role-role1] rule 1 permit command display acl
# Permit the user role role1 to execute all commands that start with display.
[Sysname-role-role1] rule 2 permit command display *
# Permit the user role role1 to execute the radius scheme aaa command in system view and use all
commands assigned to RADIUS scheme view.
[Sysname-role-role1] rule 3 permit command system ; radius scheme aaa
# Deny the access of role1 to any read or write command of any feature.
[Sysname-role-role1] rule 4 deny read write feature
# Deny the access of role1 to any read command of the feature aaa.
[Sysname-role-role1] rule 5 deny read feature aaa
# Permit role1 to access all read, write, and execute commands of the feature group security-features.
[Sysname-role-role1] rule 6 permit read write execute feature-group security-features
Related commands
display role
•
display role feature
•
• display role feature-group
role
•

super

Use super to obtain a user role that you are not logged in with.
Syntax
super [ rolename ]
Views
User view
Predefined user roles
network-admin
Guidelines
The system does not treat these redirect signs and the parameters that
follow them as part of command lines. However, in user role command
rules, they are handled as part of command lines. As a result, no rule that
includes any of these signs can find a match.
For example, "rule 1 permit command display debugging > log" can
never find a match, because the system has a display debugging
command but not a display debugging > log command.
69