dts_audit_events(5) dts_audit_events(5)
NAME
dts_audit_events - Auditable events for the time services
DESCRIPTION
Code is in place for auditing security-significant events in the Time Server. Among these events are: Time Service processes Clock read-
ings Global-set membership (in the Cell Service Profile) Time Service attributes
Event class definitions, together with filters, control the auditing execution at these code points. Filters can be updated dynamically.
Filter files are maintained by a per-host audit daemon, and are shared among all the audit clients on the same host. The dcecp command
interface program is used for maintaining the filters. (See the dcecp reference page.) The dcecp command is executable by all users and
system administrators. The control on who is allowed to modify filters is done through audit daemon's ACL, which maintains the filters.
The Time Server RPC interfaces that manage the Time Service and request and provide the time include time_control, time_service,
gbl_time_service, and time_provider.
The following are the audit code points in these Time Service interfaces, with their Event Types, Event Classes, and any Event-Specific
Information.
Control Interface (time_control) Operations
The CreateCmd() operation creates the Time Service as a server or a clerk. The caller must have write access to the management interface.
EVT_CREATE_CMD (0x200, dce_dts_mgt_modify) signed32 servType
The DeleteCmd() operation deletes the Time Service entity from the system where the command is entered. This command stops the process.
The caller must have write access to the management interface. EVT_DELETE_CMD (0x201, dce_dts_mgt_modif) None
The EnableCmd() operation starts the DTS entity on the local node. This command makes the server available to the network. The clockSet
argument tells the Time Service whether or not to set the clock after the first synchronization. The caller must have write access to the
management interface. EVT_ENABLE_CMD (0x202, dce_dts_mgt_modify) signed32 clockSet
The DisableCmd operation disables the Time Service by making it unavailable to the network. In the case of servers, it makes it unavail-
able to the RPC client trying to talk to it. For clerks, it stops synchronizing with servers. The caller must have write access to the
management interface. EVT_DISABLE_CMD (0x203, dce_dts_mgt_modify) None The UpdateCmd() operation gradually adjusts the clock on the local
node to the specified time. The caller must have write access to the management interface. EVT_UPDATE_CMD (0x204, dce_dts_synch) utc_t
old_time utc_t new_time
The ChangeCmd operation changes the epoch number on the server and optionally sets the time to a new time. These values are passed in the
argument changeDir. The caller must have write access to the management interface. EVT_CHANGE_CMD (0x205, dce_dts_synch) signed32
old_epoch signed32 new_epoch utc_t old_time utc_t new_time
The SynchronizeCmd() operation causes the Time Service to synchronize immediately. If the argument clockSet is true, the clock is set to
the new value after a synchronization. The caller must have write access to the management interface. EVT_SYNCHRONIZE_CMD (0x206,
dce_dts_synch) signed32 setClock
The AdvertiseCm() operation adds (advertises) this Time Server node as a member of the global set in the Cell Services Profile. The caller
must have write access to the management interface. EVT_ADVERTISE_CMD (0x207, dce_dts_mgt_modify) None
The UnadvertiseCmd() operation removes (unadvertises) this Time Server node as a member of the set of global servers in the Cell Services
profile. The caller must have write access to the management interface. EVT_UNADVERTISE_CMD (0x208, dce_dts_mgt_modify) None
The SetDefaultCmd() operation, when an attribute with no accompanying value is passed, sets an attribute to its default value. The
attribute type is passed in the setAttr argument. The caller must have write access to the management interface. EVT_SET_DEFAULT_CMD
(0x209, dce_dts_mgt_modify) byte useDefault signed32 attribute
The SetAttrCmd() operation, when an attribute and an accompanying value is passed, sets an attribute to a value given. The attribute type
is passed in setAttr argument and the attribute value in AttrValue argument. The caller must have write access to the management inter-
face. EVT_SET_ATTR_CMD (0x20A, dce_dts_mgt_modif) signed32 attribute signed32 attribute_type
The ShowAttrCmd() operation, when passed an attribute name, queries the Time Service for the attribute's value. The attribute value is
passed back in the argument attrValue. The caller must have read access to the management interface. EVT_SHOW_ATTR_CMD (0x20B,
dce_dts_mgt_query) signed32 attribute signed32 attribute_type
The ShowAllCharsCmd() operation, when not passed a group name with the all value, queries the Time Service for the values of all the char-
acteristic attributes and values. The caller must have read access to the management interface. EVT_SHOW_ALL_CHARS_CMD (0x20C,
dce_dts_mgt_query) None
The ShowAllStatusCmd() operation, when passed the all status value, queries the Time Service for the values of all the status attributes.
The caller must have read access to the management interface. EVT_SHOW_ALL_STATUS_CMD (0x20D, dce_dts_mgt_query) None
The ShowAllCntrsCmd() operation, when passed the all counters value, queries the Time Service for the values of all the counters. The
caller must have read access to the management interface. EVT_SHOW_ALL_CNTRS_CMD (0x20E, dce_dts_mgt_query) None
The ShowLocServersCmd() operation, when passed the local servers value, queries the Time Service for the servers in the local set. A vari-
able conformant array is used to return the set of local servers available. The size of the array transmitted over RPC is determined at
run-time. The caller must have read access to the management interface. EVT_SHOW_LOC_SERVERS_CMD (0x20F, dce_dts_mgt_query) None
The ShowGblServersCmd() operation, when passed the global servers value, queries the Time Service for the servers in the global set. A
variable conformant array is used to return the set of global servers available. The caller must have read access to the management inter-
face. EVT_SHOW_GBL_SERVERS_CMD (0x210, dce_dts_mgt_query) None
Time Provider Interface (time_provider) Operations
Auditable events in the RPC-based Time Provider Program (TPP) interfaces are defined here. These events are invoked by a Time Service dae-
mon running as a server (in this case it makes an RPC client call to the TPP server).
The ContactProvider() operation sends initial contact message to the TPP. The TPP server responds with a control message. This operation
may cause modification of the time server's (not the provider's) clock and should be defined to be an auditable event in the time server.
There is no access control in the provider for this operation, but the integrity of the messages is protected. EVT_CONTACT_PROVIDER
(0x211, dce_dts_time_provider) None
The ServerRequestProviderTime() operation has the client send a request to the TPP for times. The TPP server responds with an array of
time stamps obtained by querying the Time Provider hardware that it polls. There is no access control in the Time Provider for this opera-
tion, but the integrity of the message is protected. EVT_REQUEST_PROVIDER_TIME (0x212, dce_dts_time_provider) None
RELATED INFORMATION
Commands: advertise(1m), aud(1m), audfilter(1m), change(1m), create(1m), dcecp(1m). delete(1m), disable(1m), dts_intro(1m), dtsd(1m),
enable(1m), exit(1m), help(1m), quit(1m), set(1m), show(1m), synchronize(1m), unadvertise(1m), update(1m),
Files: event_class.5, sec_audit_events(5).
dts_audit_events(5)