Rights to Run Compliance Assessments and Reports
Oracle Solaris provides two rights profiles to handle compliance assessment and report generation.
-
The Compliance Assessor rights profile enables users to perform assessments, place them in the assessment store in report format, and delete assessments from the store.
-
The Compliance Reporter rights profile enables users to locate and display existing assessments.
Compliance subcommands require the following rights:
-
compliance assess
command – Requires all privileges and thesolaris.compliance.assess
authorization. The Compliance Assessor rights profile provides these rights. -
compliance delete
command – Requires write access to the assessment store and thesolaris.compliance.assess
authorization. The Compliance Assessor rights profile provides these rights. -
compliance list
command – Requires read access to the assessment store to list and read assessments, reports, and any tailorings that are not yet packaged. Users with basic rights can list benchmarks, profiles, and packaged tailorings. -
compliance report
command – Requires read access to the assessment store to generate new reports. Users who are assigned the Compliance Assessor rights profile can generate reports and read the reports. Users with the Compliance Reporter rights profile can read the reports. -
compliance tailor
command – Requires write access to the assessment store and thesolaris.compliance.assess
authorization. The Compliance Assessor rights profile provides these rights.