/etc/security/audit/SERVERNAME/files Post: 302457245

8 More Discussions You Might Find Interesting

1. Cybersecurity

Security & audit

I am new to the world of Unix. As part of my understanding to have a big picture of Unix, I need to understand: 1. How to review the existing unix system or audit for the settings? 2. How do I go about fixing the holes?

2. UNIX for Advanced & Expert Users

Security Audit Trail

Dear Experts, I would like to know whether there are any tools available to view the Security Audit Trail files (SAT) in UNIX in a easier and customized way. If there is any similar type of S/W is available, please let me know. Thanks, Aswin

3. UNIX for Dummies Questions & Answers

Security Audit logging

Hey, I was wondering if anyone knew of any good tools out there for collecting/viewing/sorting audit data from Solaris (10) and Linux (SUSE and RHE) platforms? I am required by some government standards to audit certain actions on these systems like login and logouts, file access and actions...

4. Solaris

how to delete lines from audit files

hi all, i have enabled audit in our server it is working fine,but now i want to reduce the space with out removing audit.i.e..i want to delete some lines from audit file. here if i use vi editer, audit is not geting up. i want to delete the data i.e..logs for every 6 days in audit file plz...

5. Web Development

servername in apache httpd.conf

I'd like to know if servername in apache httpd.conf is the machine name or domain name. If it is domain name like example.com, should it be registered before in use?

6. Shell Programming and Scripting

pbrun ssh -l servername

Hi, Can you plz help me in the below command! what is the pbrun command does with ssh pbrun ssh -l servername

7. UNIX for Advanced & Expert Users

NFS server <servername> not responding still trying

Hi gurus, OS = SunOS 5.8 Not sure whether to post this in the scripting one or to advance and experts. Am posting on both since there is two things that am wanting to achieve. Am currerntly having NFS server errors below. At this stage, I am not sure whether I am having a SAN storage issue...

8. AIX

When AIX audit start, How to set the /audit/stream.out file size ?

Dear All When I start the AIX(6100-06)audit subsystem. the log will save in /audit/stream.out (or /audit/trail), but in default when /audit/stream.out to grow up to 150MB. It will replace the original /audit/stream.out (or /audit/trail). Then the /audit/stream.out become empty and...

LEARN ABOUT MOJAVE

deallocate

deallocate(1)                                                                                                                        deallocate(1)

NAME

       deallocate - device deallocation

SYNOPSIS

       deallocate [-s] device

       deallocate [-s] [-F] device

       deallocate [-s] -I

       The  deallocate utility deallocates a device allocated to the evoking user. device can be a device defined in  device_allocate(4) or one of
       the device special files associated with the device. It resets the ownership and the permission on all device special files associated with
       device, disabling the user's access to that device. This option can be used by an authorized user to remove access to the device by another
       user. The required authorization is solaris.device.allocate.

       When deallocation or forced deallocation is performed, the appropriate device cleaning program is  executed,  based  on  the   contents  of
       device_allocate(4).  These cleaning programs are normally stored in /etc/security/lib.

       The following options are supported:

       device          Deallocate the device associated with the device special file specified by device.

       -s              Silent. Suppresses any diagnostic output.

       -F device       Forces  deallocation of the device associated with the file specified by device. Only a user with the solaris.device.revoke
                       authorization is permitted to use this option.

       -I              Forces deallocation of all allocatable devices. Only a user with the solaris.device.revoke authorization  is  permitted  to
                       use this option. This option should only be used at system initialization.

       The following exit values are returned:

       non--zero       An error occurred.

       /etc/security/device_allocate

       /etc/security/device_maps

       /etc/security/dev/*

       /etc/security/lib/*

       See attributes(5) for descriptions of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE         |      ATTRIBUTE VALUE        |
       +-----------------------------+-----------------------------+
       |Availability                 |SUNWcsu                      |
       +-----------------------------+-----------------------------+

       allocate(1), list_devices(1), bsmconv(1M), dminfo(1M), mkdevalloc(1M), mkdevmaps(1M), device_allocate(4), device_maps(4), attributes(5)

       The  functionality  described  in  this man page is available only if the Basic Security Module (BSM) has been enabled. See bsmconv(1M) for
       more information.

       /etc/security/dev, mkdevalloc(1M), and mkdevmaps(1M) might not be supported in a future release of the Solaris Operating Environment.

                                                                    28 Mar 2005                                                      deallocate(1)