debian man page for audit_user

Query: audit_user

OS: debian

Section: 4

Links: debian man pages   all man pages

Forums: unix linux community   forum categories

Format: Original Unix Latex Style Formatted with HTML and a Horizontal Scroll Bar

audit_user(4)                                                      File Formats                                                      audit_user(4)


NAME

       audit_user - per-user auditing data file


SYNOPSIS

       /etc/security/audit_user


DESCRIPTION

       audit_user  is  an  access-restricted  database that stores per-user auditing preselection data. You can use the audit_user file with other
       authorization sources, including the NIS map audit_user.byname and the NIS+ table audit_user. Programs use the getauusernam(3BSM)  routines
       to access this information.

       The  search order for multiple user audit information sources is specified in the /etc/nsswitch.conf file. See nsswitch.conf(4). The lookup
       follows the search order for passwd(4).

       The fields for each user entry are separated by colons (:). Each user is separated from the next by a newline.  audit_user  does  not  have
       general read permission. Each entry in the audit_user file has the form:

       username:always-audit-flags:never-audit-flags

       The fields are defined as follows:

       username                User's login name.

       always-audit-flags      Flags specifying event classes to always audit.

       never-audit-flags       Flags specifying event classes to never audit.

       For a complete description of the audit flags and how to combine them, see audit_control(4).


EXAMPLES

       Example 1: Using the audit_user File

       other:lo,am:io,cl
       fred:lo,ex,+fc,-fr,-fa:io,cl
       ethyl:lo,ex,nt:io,cl


FILES

       /etc/nsswitch.conf

       /etc/passwd

       /etc/security/audit_user


ATTRIBUTES

       See attributes(5) for descriptions of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE         |      ATTRIBUTE VALUE        |
       +-----------------------------+-----------------------------+
       |Interface Stability          | See below                   |
       +-----------------------------+-----------------------------+

       The file format stability is evolving. The file content is unstable.


SEE ALSO

       bsmconv(1M), getauusernam(3BSM), audit_control(4), nsswitch.conf(4), passwd(4)


NOTES

       This functionality is available only if the Basic Security Module (BSM) has been enabled. See bsmconv(1M) for more information.

SunOS 5.10                                                          2 Jan 2003                                                       audit_user(4)
Related Man Pages
audit_user(4) - centos
audit_user(4) - opendarwin
audit_user(4) - x11r4
audit_user(4) - hpux
audit_user(4) - linux
Similar Topics in the Unix Linux Community
clear passwd history without ...
Root User Management
How to write script for this ?
/etc/security/audit_user
BSM auditing issues, need to audit "permission denied"