Summary'admin-internal' is an internal user account that performs 'super user' changes on the device when necessary.
OverviewWhen a System Administrator level user perform operations on the box, they have full control over the Exinda device in all aspects. The default local system administrator name is 'admin', and multiple administrator accounts can be added to the system, or defined through RADIUS, TACACS+ or another AAA method. Even with any administrator account in use, t is possible to see the following message logged on the device:
"Configuration changed by admin-internal."
'admin-internal' is an internal user account for use by the Exinda. It is not defined or shown in the Users panel (under Configuration > System > Authorization). The admin-internal user is an integral part of the subsystem operation of the Exinda firmware. While system administrators have full reign of control over the Exinda, that permission does not extend to the 'shell' level for security reasons.That means that the system administrator accounts do not have the permission to modify certain files, or write to read only parts of the shell. If it is necessary, the administrator account, when performing a task, will invoke a series of actions that will involve the Exinda using the admin-internal account instead, which does have the permission to access the restricted areas, like a super user.
When admin-internal is called and utilized, it is logged in the above manner. This user never 'logs in' because it is never used externally (ie, it is a local log on, much like putting in a 'root' password in a Linux machine would allow for the user to access certain features). admin-internal is most heavily utilized when there is a file that needs to be changed during the course of modifying configuration, or if there is certain jobs being run.
admin-internal runs when:
- The optimizer is turned on or off
- A PDF report is run - either scheduled, or ad-hoc
- A system diagnostic is run
- If any settings to do with time have been changed (ie, enabling/disabling NTP, changing time zone, or system time)
- A scheduled job is running
Internal NotesWhy super access is needed:
- The optimizer is turned on or off - it changes TC before it is started
- A PDF report is run - it's gathering statistics from non-admin parts of the database and writing a file
- A system diagnostic is run - writing files like sysinfo and other things, copying all logs to a temp directory, etc
- If any settings to do with time have been changed - system time requires root access as it affects everything
- Scheduled job - unknown; I suspect it's due to running cron.