setaudit(1M)

NAME | SYNOPSIS | DESCRIPTION | ATTRIBUTES | EXAMPLES | SEE ALSO

NAME

setaudit– Run a command with the audit mask set

SYNOPSIS

setaudit [-u username] command command_args

DESCRIPTION

setaudit invokes a command using the audit characteristics of the specified user, rather than the audit characteristics of the effective uid of the process executing the setaudit command. The command can be used to selectively turn on auditing for daemons and commands that are run from the /etc/rc scripts. If the -u option is not used, setaudit sets the audit characteristics to the context of the user invoking the command; if the option is present, setaudit sets the audit characteristics to the context of the specified username. Within the set context, setaudit then executes the specified command with its arguments (command_args).

-u username

Use the audit characteristics of username rather than the audit characteristics of the effective uid of the process executing the setaudit command.

command command_args

The command to execute and its arguments.

To succeed, setaudit must have the file_dac_read and sys_audit privileges in its set of effective privileges.

ATTRIBUTES

See attributes(5) for descriptions of the following attributes:

ATTRIBUTE TYPE	ATTRIBUTE VALUE
Availability	SUNWtsu

EXAMPLES

---

Example 1 To setaudit with the characteristics of a user




To execute the cat command on the file /etc/system as the user maverick, use this:

---

setaudit -u maverick /usr/bin/cat /etc/system

---

---

---

Example 2 To setaudit with the characteristics of the invoking shell




To execute the ls command on the current working directory from the system shell, use the following command:

---

setaudit /sbin/sysh -c ls

---

---

SEE ALSO

Trusted Solaris 8 HW 12/02 Reference Manual

audit_control(4), audit_user(4)

SunOS 5.8 Reference Manual

attributes(5)

NAME | SYNOPSIS | DESCRIPTION | ATTRIBUTES | EXAMPLES | SEE ALSO