bsd man page for audit_user

Bsd Man Pages All Man Pages Latest Topics Forum Categories

Query: audit_user

OS: bsd

Section: 4

Format: Original Unix Latex Style Formatted with HTML and a Horizontal Scroll Bar

audit_user(4)							   File Formats 						     audit_user(4)

NAME

       audit_user - per-user auditing data file

SYNOPSIS

       /etc/security/audit_user

DESCRIPTION

       audit_user  is  an  access-restricted  database that stores per-user auditing preselection data. You can use the audit_user file with other
       authorization sources, including the NIS map audit_user.byname and the NIS+ table audit_user. Programs use the getauusernam(3BSM)  routines
       to access this information.

       The  search order for multiple user audit information sources is specified in the /etc/nsswitch.conf file. See nsswitch.conf(4). The lookup
       follows the search order for passwd(4).

       The fields for each user entry are separated by colons (:). Each user is separated from the next by a newline.  audit_user  does  not  have
       general read permission. Each entry in the audit_user file has the form:

       username:always-audit-flags:never-audit-flags

       The fields are defined as follows:

       username 	       User's login name.

       always-audit-flags      Flags specifying event classes to always audit.

       never-audit-flags       Flags specifying event classes to never audit.

       For a complete description of the audit flags and how to combine them, see audit_control(4).

EXAMPLES

       Example 1: Using the audit_user File

       other:lo,am:io,cl
       fred:lo,ex,+fc,-fr,-fa:io,cl
       ethyl:lo,ex,nt:io,cl

FILES

       /etc/nsswitch.conf

       /etc/passwd

       /etc/security/audit_user

ATTRIBUTES

       See attributes(5) for descriptions of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE	     |	    ATTRIBUTE VALUE	   |
       +-----------------------------+-----------------------------+
       |Interface Stability	     | See below		   |
       +-----------------------------+-----------------------------+

       The file format stability is evolving. The file content is unstable.

SEE ALSO

       bsmconv(1M), getauusernam(3BSM), audit_control(4), nsswitch.conf(4), passwd(4)

NOTES

       This functionality is available only if the Basic Security Module (BSM) has been enabled. See bsmconv(1M) for more information.

SunOS 5.10							    2 Jan 2003							     audit_user(4)
Related Man Pages
audit_user(4) - sunos
audit_user(4) - v7
audit_user(4) - plan9
audit_user(4) - linux
audit_user(4) - suse
Similar Topics in the Unix Linux Community
audit user activity - possible?
I need to audit users on a Solaris box
audit user commands of different users under root account
Audit user activity
Audit useradd/userdel - Solaris 11