Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: /etc/security/audit_user
Operating Systems Solaris /etc/security/audit_user Post 302105394 by RTM on Thursday 1st of February 2007 12:29:27 PM
Old 02-01-2007
Look up the following man pages

audit_user
audit_control

These should explain it quite well.

root:lo:no
root:login_logout:no_class
username : always audit : never audit
 

LEARN ABOUT HPUX

audit_user

audit_user(4)							   File Formats 						     audit_user(4)

NAME

       audit_user - per-user auditing data file

SYNOPSIS

       /etc/security/audit_user

DESCRIPTION

       audit_user  is  an  access-restricted  database that stores per-user auditing preselection data. You can use the audit_user file with other
       authorization sources, including the NIS map audit_user.byname and the NIS+ table audit_user. Programs use the getauusernam(3BSM)  routines
       to access this information.

       The  search order for multiple user audit information sources is specified in the /etc/nsswitch.conf file. See nsswitch.conf(4). The lookup
       follows the search order for passwd(4).

       The fields for each user entry are separated by colons (:). Each user is separated from the next by a newline.  audit_user  does  not  have
       general read permission. Each entry in the audit_user file has the form:

       username:always-audit-flags:never-audit-flags

       The fields are defined as follows:

       username 	       User's login name.

       always-audit-flags      Flags specifying event classes to always audit.

       never-audit-flags       Flags specifying event classes to never audit.

       For a complete description of the audit flags and how to combine them, see audit_control(4).

EXAMPLES

       Example 1: Using the audit_user File

       other:lo,am:io,cl
       fred:lo,ex,+fc,-fr,-fa:io,cl
       ethyl:lo,ex,nt:io,cl

FILES

       /etc/nsswitch.conf

       /etc/passwd

       /etc/security/audit_user

ATTRIBUTES

       See attributes(5) for descriptions of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE	     |	    ATTRIBUTE VALUE	   |
       +-----------------------------+-----------------------------+
       |Interface Stability	     | See below		   |
       +-----------------------------+-----------------------------+

       The file format stability is evolving. The file content is unstable.

SEE ALSO

       bsmconv(1M), getauusernam(3BSM), audit_control(4), nsswitch.conf(4), passwd(4)

NOTES

       This functionality is available only if the Basic Security Module (BSM) has been enabled. See bsmconv(1M) for more information.

SunOS 5.10							    2 Jan 2003							     audit_user(4)
All times are GMT -4. The time now is 11:07 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy