On RHEL 8, are there prepared functions, methods, processes or tools to implement administrator/operator and auditor roles in the following way:
- An administrator/operator should be able to do almost everything except modifying/deleting logs
- An auditor should be able to read everything, and to delete logs
On my research, I did not find any hints or best practices for this concept. But I imagine, that this might be a common requirement for systems that shall comply with ISO 27001. So I am whondering, if there are already maintainable solutions to implpement such roles on RHEL or if it can be accomplished at all or if this is (currently) just not feasible on RHEL.