Unix/Linux Go Back    

OpenSolaris 2009.06 - man page for audit_user (opensolaris section 4)

Linux & Unix Commands - Search Man Pages
Man Page or Keyword Search:   man
Select Man Page Set:       apropos Keyword Search (sections above)

audit_user(4)				   File Formats 			    audit_user(4)

       audit_user - per-user auditing data file


       audit_user  is a database that stores per-user auditing preselection data. You can use the
       audit_user file with other authorization sources, including the NIS map	audit_user.byname
       and the NIS+ table audit_user. Programs use the getauusernam(3BSM) routines to access this

       The search order for multiple user audit information sources is specified in the /etc/nss-
       witch.conf file. See nsswitch.conf(4). The lookup follows the search order for passwd(4).

       The  fields  for  each user entry are separated by colons (:). Each user is separated from
       the next by a newline. audit_user does not have general read permission. Each entry in the
       audit_user file has the form:


       The fields are defined as follows:

       username 	     User's login name.

       always-audit-flags    Flags specifying event classes to always audit.

       never-audit-flags     Flags specifying event classes to never audit.

       For  a  complete  description  of  the audit flags and how to combine them, see audit_con-

       Example 1 Using the audit_user File





       See attributes(5) for descriptions of the following attributes:

       |      ATTRIBUTE TYPE	     |	    ATTRIBUTE VALUE	   |
       |Interface Stability	     | See below.		   |

       The file format stability is Committed. The file content is Uncommitted.

       bsmconv(1M), getauusernam(3BSM), audit_control(4), nsswitch.conf(4), passwd(4)

       Part VII, Solaris Auditing, in System Administration Guide: Security Services

       This functionality is available only if the Basic Security Module (BSM) has been  enabled.
       See bsmconv(1M) for more information.

       Configuration  changes  do  not	affect	audit sessions that are currently running, as the
       changes do not modify a process's preselection mask. To change the preselection mask on	a
       running	process,  use  the  -setpmask  option  of  the auditconfig command (see auditcon-
       fig(1M)). If the user logs out and logs back in, the new  configuration	changes  will  be
       reflected in the next audit session.

SunOS 5.11				   26 Jun 2008				    audit_user(4)
Unix & Linux Commands & Man Pages : ©2000 - 2018 Unix and Linux Forums

All times are GMT -4. The time now is 03:50 AM.