acl Token

The acl token provides information about any access control lists in place on an object. If there is no current acl, this token is not written to the audit record. Also, unless required by an audit record format, this token is normally recorded only when the appropriate auditing policy is set. The fields are:

A token ID
The object type of an array element
The user/group id of an array element
The permissions given to the subject

The following figure shows the token format.

Figure B-2 acl Token Format

A list of acl tokens is displayed by praudit(1M) as follows:

acl,user_obj,,rwx
acl,user,bin,---
acl,group_obj,,r-x
acl,class_obj,,r--
acl,other_obj,,r-x

Previous: Audit Record Structure
Next: arbitrary Token