[redhat-lspp] Administrative Roles
Michael C Thompson
thompsmc at us.ibm.com
Fri Apr 28 15:56:09 UTC 2006
Stephen John Smoogen wrote:
> On 4/26/06, Michael C Thompson <thompsmc at us.ibm.com> wrote:
>> Hey all,
>>
>> Right now, we have sysadm_r and secadm_r as our administrative roles. I
>> believe Russel said he had done some work on the policy to add an audit
>> administrator as well, although I'm not able to find it in the latest
>> policy - what's the new name?
>>
>> My question is what are the responsibilities of these 3 adminstrators
>> (assuming 3, are there plans for more?); I would like to know so that I
>> might be able to test this.
>>
>> A breakdown of their responsibilities and the over-lap of those
>> responsibilities would be most helpful.
>
> I can think of at least 2 other roles we have in administrative
> policies.. backup admin and general operator. In cases where the OS
> allows it the backup admin is supposed to be limited to just being
> able to read data from X and put it in Y. The general operator is to
> be limited to just being able to check on processes, certain log
> files, and be able to restart them.. but not able to read the data in
> X. I am not sure how general usage this has outside of large
> enterprises and .mil/.gov sites though.
>
> Also not sure if they are needed in an LSPP targeted OS.
Are there any plans to add these additional roles?
Mike
More information about the redhat-lspp
mailing list