[redhat-lspp] Administrative Roles
Stephen John Smoogen
smooge at gmail.com
Wed Apr 26 16:53:07 UTC 2006
On 4/26/06, Michael C Thompson <thompsmc at us.ibm.com> wrote:
> Hey all,
>
> Right now, we have sysadm_r and secadm_r as our administrative roles. I
> believe Russel said he had done some work on the policy to add an audit
> administrator as well, although I'm not able to find it in the latest
> policy - what's the new name?
>
> My question is what are the responsibilities of these 3 adminstrators
> (assuming 3, are there plans for more?); I would like to know so that I
> might be able to test this.
>
> A breakdown of their responsibilities and the over-lap of those
> responsibilities would be most helpful.
I can think of at least 2 other roles we have in administrative
policies.. backup admin and general operator. In cases where the OS
allows it the backup admin is supposed to be limited to just being
able to read data from X and put it in Y. The general operator is to
be limited to just being able to check on processes, certain log
files, and be able to restart them.. but not able to read the data in
X. I am not sure how general usage this has outside of large
enterprises and .mil/.gov sites though.
Also not sure if they are needed in an LSPP targeted OS.
--
Stephen J Smoogen.
CSIRT/Linux System Administrator
More information about the redhat-lspp
mailing list