Garrett D'Amore wrote: > Man pages in the case directory indicate that Primary Administrator > (root) is required to run these commands. Why? It seems like these > commands only access information which should be considered public, so > that anyone can run them. I realize that there is an issue of accessing > the underlying device nodes, but perhaps RBAC can be used to make these > commands available to anyone? (Or perhaps the underlying device node > can be provided in "safe, read-only" type of mode?)
I'll ask a more specific question. Exactly what privileges do these commands need to run with to gather the information they need. "Primary Administrator" should never be documented in a man page. If the command really needs all privileges because that is what the device node requires then that is what we document. -- Darren J Moffat