JavaScript is required to for searching.
Skip Navigation Links
Exit Print View
System Administration Guide: Security Services
search filter icon
search icon

Document Information


Part I Security Overview

1.  Security Services (Overview)

Part II System, File, and Device Security

2.  Managing Machine Security (Overview)

3.  Controlling Access to Systems (Tasks)

4.  Controlling Access to Devices (Tasks)

5.  Using the Basic Audit Reporting Tool (Tasks)

Basic Audit Reporting Tool (Overview)

BART Features

BART Components

BART Manifest

BART Report

BART Rules File

Using BART (Task Map)

Using BART (Tasks)

BART Security Considerations

How to Create a Manifest

How to Customize a Manifest

How to Compare Manifests for the Same System Over Time

How to Compare Manifests From a Different System With the Manifest of a Control System

How to Customize a BART Report by Specifying File Attributes

How to Customize a BART Report by Using a Rules File

BART Manifest, Rules File, and Reporting (Reference)

BART Manifest File Format

BART Rules File Format

Rules File Attributes

Quoting Syntax

BART Reporting

BART Output

6.  Controlling Access to Files (Tasks)

7.  Using the Automated Security Enhancement Tool (Tasks)

Part III Roles, Rights Profiles, and Privileges

8.  Using Roles and Privileges (Overview)

9.  Using Role-Based Access Control (Tasks)

10.  Role-Based Access Control (Reference)

11.  Privileges (Tasks)

12.  Privileges (Reference)

Part IV Oracle Solaris Cryptographic Services

13.  Oracle Solaris Cryptographic Framework (Overview)

14.  Oracle Solaris Cryptographic Framework (Tasks)

15.  Oracle Solaris Key Management Framework

Part V Authentication Services and Secure Communication

16.  Using Authentication Services (Tasks)

17.  Using PAM

18.  Using SASL

19.  Using Solaris Secure Shell (Tasks)

20.  Solaris Secure Shell (Reference)

Part VI Kerberos Service

21.  Introduction to the Kerberos Service

22.  Planning for the Kerberos Service

23.  Configuring the Kerberos Service (Tasks)

24.  Kerberos Error Messages and Troubleshooting

25.  Administering Kerberos Principals and Policies (Tasks)

26.  Using Kerberos Applications (Tasks)

27.  The Kerberos Service (Reference)

Part VII Oracle Solaris Auditing

28.  Oracle Solaris Auditing (Overview)

29.  Planning for Oracle Solaris Auditing

30.  Managing Solaris Auditing (Tasks)

31.  Solaris Auditing (Reference)



BART Manifest, Rules File, and Reporting (Reference)

This section includes the following reference information:

BART Manifest File Format

Each manifest file entry is a single line, depending on the file type. Each entry begins with fname, which is the name of the file. To prevent parsing problems that are caused by special characters embedded in file names, the file names are encoded. For more information, see BART Rules File Format.

Subsequent fields represent the following file attributes:


Type of file with the following possible values:

  • B for a block device node

  • C for a character device node

  • D for a directory

  • F for a file

  • L for a symbolic link

  • P for a pipe

  • S for a socket


File size in bytes.


Octal number that represents the permissions of the file.


ACL attributes for the file. For a file with ACL attributes, this contains the output from acltotext().


Numerical user ID of the owner of this entry.


Numerical group ID of the owner of this entry.


Last modification time, in seconds, since 00:00:00 UTC, January 1, 1970, for directories.


Last modification time, in seconds, since 00:00:00 UTC, January 1, 1970, for links.


Last modification time, in seconds, since 00:00:00 UTC January 1, 1970, for files.


Checksum value of the file. This attribute is only specified for regular files. If you turn off context checking, or if checksums cannot be computed, the value of this field is .


Destination of a symbolic link.


Value of the device node. This attribute is for character device files and block device files only.

For more information about BART manifests, see the bart_manifest(4) man page.

BART Rules File Format

The input files to the bart command are text files. These files consist of lines that specify which files are to be included in the manifest and which file attributes are to be included the report. The same input file can be used across both pieces of BART functionality. Lines that begin with #, blank lines, and lines that contain white space are ignored by the tool.

The input files have three types of directives:

Example 5-8 Rules File Format

<Global CHECK/IGNORE Directives>
<subtree1> [pattern1..]
<IGNORE/CHECK Directives for subtree1>

<subtree2> [pattern2..]
<subtree3> [pattern3..]
<subtree4> [pattern4..]
<IGNORE/CHECK Directives for subtree2, subtree3, subtree4>

Note - All directives are read in order, with later directives possibly overriding earlier directives.

There is one subtree directive per line. The directive must begin with an absolute pathname, followed by zero or more pattern matching statements.

Rules File Attributes

The bart command uses CHECK and IGNORE statements to define which attributes to track or ignore. Each attribute has an associated keyword.

The attribute keywords are as follows:

The all keyword refers to all file attributes.

Quoting Syntax

The rules file specification language that BART uses is the standard UNIX quoting syntax for representing nonstandard file names. Embedded tab, space, newline, or special characters are encoded in their octal forms to enable the tool to read file names. This nonuniform quoting syntax prevents certain file names, such as those containing an embedded carriage return, from being processed correctly in a command pipeline. The rules specification language allows the expression of complex file name filtering criteria that would be difficult and inefficient to describe by using shell syntax alone.

For more information about the BART rules file or the quoting syntax used by BART, see the bart_rules(4) man page.

BART Reporting

In default mode, the bart compare command, as shown in the following example, will check all the files installed on the system, with the exception of modified directory timestamps (dirmtime):

IGNORE    dirmtime

If you supply a rules file, then the global directives of CHECK all and IGNORE dirmtime, in that order, are automatically prepended to the rules file.

BART Output

The following exit values are returned:




Nonfatal error when processing files, such as permission problems


Fatal error, such as an invalid command-line option

The reporting mechanism provides two types of output: verbose and programmatic:

For a list of attributes that are supported by the bart command, see Rules File Attributes.

For more information about BART, see the bart(1M) man page.