JavaScript is required to for searching.
Skip Navigation Links
Exit Print View
man pages section 4: File Formats
Oracle Technology Network
Library
PDF
Print View
Feedback
search filter icon
search icon

Document Information

Preface

Introduction

File Formats

addresses(4)

admin(4)

alias(4)

aliases(4)

a.out(4)

asetenv(4)

asetmasters(4)

au(4)

audit_class(4)

audit_control(4)

audit_data(4)

audit_event(4)

audit.log(4)

audit_user(4)

auth_attr(4)

autofs(4)

bart_manifest(4)

bart_rules(4)

bootparams(4)

cardbus(4)

cdtoc(4)

cklist.high(4)

cklist.low(4)

cklist.med(4)

clustertoc(4)

compver(4)

contents(4)

contract(4)

copyright(4)

core(4)

crypt.conf(4)

crypto_certs(4)

dacf.conf(4)

dat.conf(4)

defaultdomain(4)

default_fs(4)

defaultrouter(4)

depend(4)

device_allocate(4)

device_maps(4)

devices(4)

devid_cache(4)

dfstab(4)

dhcp_inittab(4)

dhcp_network(4)

dhcpsvc.conf(4)

dhcptab(4)

dialups(4)

dir(4)

dir_ufs(4)

d_passwd(4)

driver.conf(4)

dumpdates(4)

environ(4)

ethers(4)

exec_attr(4)

fbtab(4)

fd(4)

flash_archive(4)

format.dat(4)

forward(4)

fs(4)

fspec(4)

fstypes(4)

ftp(4)

ftpaccess(4)

ftpconversions(4)

ftpgroups(4)

ftphosts(4)

ftpservers(4)

ftpusers(4)

fx_dptbl(4)

gateways(4)

geniconvtbl(4)

group(4)

gsscred.conf(4)

hba.conf(4)

holidays(4)

hosts(4)

hosts.equiv(4)

ib(4)

idnkit.pc(4)

ike.config(4)

ike.preshared(4)

inetd.conf(4)

inet_type(4)

init.d(4)

inittab(4)

ipaddrsel.conf(4)

ipf(4)

ipf.conf(4)

ipnat(4)

ipnat.conf(4)

ipnodes(4)

ippool(4)

ippool.conf(4)

isa(4)

issue(4)

kadm5.acl(4)

kdc.conf(4)

keytables(4)

krb5.conf(4)

label_encodings(4)

ldapfilter.conf(4)

ldapsearchprefs.conf(4)

ldaptemplates.conf(4)

llc2(4)

logadm.conf(4)

logindevperm(4)

loginlog(4)

lutab(4)

magic(4)

md.cf(4)

mddb.cf(4)

mdi_ib_cache(4)

mdi_scsi_vhci_cache(4)

md.tab(4)

mech(4)

meddb(4)

mipagent.conf(4)

mnttab(4)

mod_ipp(4)

mpapi.conf(4)

named.conf(4)

ncad_addr(4)

nca.if(4)

ncakmod.conf(4)

ncalogd.conf(4)

ncaport.conf(4)

ndpd.conf(4)

netconfig(4)

netgroup(4)

netid(4)

netmasks(4)

netrc(4)

networks(4)

nfs(4)

nfslog.conf(4)

nfssec.conf(4)

nisfiles(4)

NIS+LDAPmapping(4)

NISLDAPmapping(4)

nodename(4)

nologin(4)

note(4)

notrouter(4)

nscd.conf(4)

nss(4)

nsswitch.conf(4)

order(4)

ott(4)

packagetoc(4)

packingrules(4)

pam.conf(4)

passwd(4)

pathalias(4)

path_to_inst(4)

pci(4)

pcie(4)

pdo.conf(4)

phones(4)

pkginfo(4)

pkgmap(4)

platform(4)

plot(4B)

policy.conf(4)

power.conf(4)

pref(4)

printers(4)

printers.conf(4)

priv_names(4)

proc(4)

process(4)

prof_attr(4)

profile(4)

project(4)

protocols(4)

prototype(4)

pseudo(4)

publickey(4)

qop(4)

queuedefs(4)

rcmscript(4)

registration_profile(4)

remote(4)

resolv.conf(4)

rhosts(4)

rmmount.conf(4)

rmtab(4)

rndc.conf(4)

rpc(4)

rpc.nisd(4)

rpld.conf(4)

rt_dptbl(4)

sasl_appname.conf(4)

sbus(4)

sccsfile(4)

scsi(4)

securenets(4)

sel_config(4)

sendmail(4)

sendmail.cf(4)

service_bundle(4)

service_provider.conf(4)

services(4)

shadow(4)

sharetab(4)

shells(4)

slp.conf(4)

slpd.reg(4)

snapshot_cache(4)

snmp.conf(4)

snmp_config(4)

snmpd.conf(4)

snmptrapd.conf(4)

snmp_variables(4)

sock2path(4)

space(4)

ssh_config(4)

sshd_config(4)

submit.cf(4)

sulog(4)

synclist(4)

sysbus(4)

sysidcfg(4)

syslog.conf(4)

system(4)

telnetrc(4)

term(4)

terminfo(4)

TIMEZONE(4)

timezone(4)

tnf_kernel_probes(4)

TrustedExtensionsPolicy(4)

ts_dptbl(4)

ttydefs(4)

ttysrch(4)

tune.high(4)

tune.low(4)

tune.med(4)

ufsdump(4)

uid_aliases(4)

updaters(4)

user_attr(4)

utmp(4)

utmpx(4)

variables(4)

vfstab(4)

vold.conf(4)

volume-config(4)

volume-defaults(4)

volume-request(4)

wanboot.conf(4)

warn.conf(4)

wtmp(4)

wtmpx(4)

xferlog(4)

ypfiles(4)

yppasswdd(4)

ypserv(4)

zoneinfo(4)

audit_user

- per-user auditing data file

Synopsis

/etc/security/audit_user

Description

audit_user is a database that stores per-user auditing preselection data. You can use the audit_user file with other authorization sources, including the NIS map audit_user.byname and the NIS+ table audit_user. Programs use the getauusernam(3BSM) routines to access this information.

The search order for multiple user audit information sources is specified in the /etc/nsswitch.conf file. See nsswitch.conf(4). The lookup follows the search order for passwd(4).

The fields for each user entry are separated by colons (:). Each user is separated from the next by a newline. audit_user does not have general read permission. Each entry in the audit_user file has the form:

username:always-audit-flags:never-audit-flags

The fields are defined as follows:

username

User's login name.

always-audit-flags

Flags specifying event classes to always audit.

never-audit-flags

Flags specifying event classes to never audit.

For a complete description of the audit flags and how to combine them, see audit_control(4).

Examples

Example 1 Using the audit_user File

other:lo,am:io,cl
fred:lo,ex,+fc,-fr,-fa:io,cl
ethyl:lo,ex,nt:io,cl

Files

/etc/nsswitch.conf

/etc/passwd

/etc/security/audit_user

Attributes

See attributes(5) for descriptions of the following attributes:

ATTRIBUTE TYPE
ATTRIBUTE VALUE
Interface Stability
Committed (Obsolete)

See Also

bsmconv(1M), getauusernam(3BSM), audit_control(4), nsswitch.conf(4), passwd(4)

Notes

This functionality is available only if the Basic Security Module (BSM) has been enabled. See bsmconv(1M) for more information.

Configuration changes do not affect audit sessions that are currently running, as the changes do not modify a process's preselection mask. To change the preselection mask on a running process, use the –setpmask option of the auditconfig command (see auditconfig(1M)). If the user logs out and logs back in, the new configuration changes are reflected in the next audit session.

This file and name service database is Obsolete and may be removed and replaced by equivalent functionality in a future release of Solaris.

Copyright © 2010, Oracle and/or its affiliates. All rights reserved. Legal Notices
Previous Next