setaudit invokes a command using the audit characteristics of the specified user, rather than the audit characteristics of the effective uid of the process executing the setaudit command. The command can be used to selectively turn on auditing for daemons and commands that are run from the /etc/rc scripts. If the -u option is not used, setaudit sets the audit characteristics to the context of the user invoking the command; if the option is present, setaudit sets the audit characteristics to the context of the specified username. Within the set context, setaudit then executes the specified command with its arguments (command_args).
Use the audit characteristics of username rather than the audit characteristics of the effective uid of the process executing the setaudit command.
The command to execute and its arguments.
To succeed, setaudit must have the
sys_audit privileges in its set of effective privileges.
See attributes(5) for descriptions of the following attributes:
|ATTRIBUTE TYPE||ATTRIBUTE VALUE|
To execute the cat command on the file /etc/system as the user maverick, use this:
setaudit -u maverick /usr/bin/cat /etc/system
To execute the ls command on the current working directory from the system shell, use the following command:
setaudit /sbin/sysh -c ls