You can modify an existing role's capabilities or its comments.
role_name is the name of the role that you want to modify.
comments is a short string you can use to document this role.
The capability parameters are the types of access you want to grant to this role.
The -f option forces the change without a warning.
The following command line assigns the role “class2loginrights” telnet capabilities, console login capabilities, and all CLI capabilities, while removing any other capabilities that the role was granted previously.
The capabilities allowed for the specified role are listed.