I was interested how people are generally enabling at start up and enabling at shutdown and how much of that process is included in their RBAC policy statements.
What benefits are manual start up and shutdown to the security of the system?
Acquiring a startup policy is pretty straight forward by including /sbin/gradm -F -L /full.system.RBAC.log
How do you successfully acquire a learned shutdown policy?
Shutting down with RBAC learning enabled has not been successful for me.
Does including /sbin/gradm -L /full.system.RBAC.log -O /full.system.RBAC.roles work in the shutdown to get the full roles? (trying this now)
Just wondering if the additional access given to start up and shutdown reduce security.