1. Oracle Solaris 11.4 Compliance Guide
  2. Reporting Compliance to Security Standards
  3. compliance Command and Package
  4. Rights to Run Compliance Assessments and Reports

Rights to Run Compliance Assessments and Reports

Oracle Solaris provides two rights profiles to handle compliance assessment and report generation.

  • The Compliance Assessor rights profile enables users to perform assessments, place them in the assessment store in report format, and delete assessments from the store.

  • The Compliance Reporter rights profile enables users to locate and display existing assessments.

Compliance subcommands require the following rights:

  • compliance assess command – Requires all privileges and the solaris.compliance.assess authorization. The Compliance Assessor rights profile provides these rights.

  • compliance delete command – Requires write access to the assessment store and the solaris.compliance.assess authorization. The Compliance Assessor rights profile provides these rights.

  • compliance list command – Requires read access to the assessment store to list and read assessments, reports, and any tailorings that are not yet packaged. Users with basic rights can list benchmarks, profiles, and packaged tailorings.

  • compliance report command – Requires read access to the assessment store to generate new reports. Users who are assigned the Compliance Assessor rights profile can generate reports and read the reports. Users with the Compliance Reporter rights profile can read the reports.

  • compliance tailor command – Requires write access to the assessment store and the solaris.compliance.assess authorization. The Compliance Assessor rights profile provides these rights.