Klaus Weidner wrote:
> On Wed, Feb 07, 2007 at 10:45:41PM -0200, Klaus Heinrich Kiwi wrote:
>
>>Now that sysadm_r/sysadm_t has superhuman powers, I just wanted to confirm if
>>the following is expected and in conformance with the ToE:
>>
>>role/type | read       | write to   | run      | start/stop
>>          | auditd.log | auditd.log | auditctl | auditd
>>sysadm    | yes        | yes        | no       | yes
>>secadm    | yes        | *no*       | no       | no
>>auditadm  | *no*       | no         | yes      | *yes*
>
>
> I'd expect auditadm to be able to read and write the audit log, is the
> current behavior intentional?

I think it was intentional. I think it's been that way since the role was created. Folks wanted a role that could manage the audit system but not necessarily look at the information, if I recall.

-- ljk
