The exec_env token records the current environment variables to an exec() system call. The exec_env token has two fixed fields:
A token ID field that identifies this token as an exec_env token
A count that represents the number of arguments that are passed to the exec() system call
The remainder of this token is composed of count strings. The praudit -x command shows the fields of the exec_env token. The line is wrapped for display purposes.
<exec_env><env>_=/usr/bin/hostname</env> <env>DTXSERVERLOCATION=local</env><env>SESSIONTYPE=altDt</env> <env>LANG=C</env><env>SDT_NO_TOOLTALK=1</env><env>SDT_ALT_HELLO=/bin/true</env> <env>PATH=/usr/bin:/usr/openwin/bin:/usr/ucb</env> <env>OPENWINHOME=/usr/openwin</env><env>LOGNAME=jdoe</env><env>USER=jdoe</env> <env>DISPLAY=:0</env><env>SHELL=/bin/csh</env><env>START_SPECKEYSD=no</env> <env>SDT_ALT_SESSION=/usr/dt/config/Xsession2.jds</env><env>HOME=/home/jdoe</env> <env>SDT_NO_DTDBCACHE=1</env><env>PWD=/home/jdoe</env><env>TZ=US/Pacific</env> </exec_env> |
The exec_env token is output only when the arge audit policy option is active.