Kernel-Level Pseudo-Events

Pseudo-events do have their own audit record structure. They create audit records for the event that uses privilege. When the pseudo-event AUE_UPRIV is in a class that is being audited, any use of privilege will be audited, including uses of privilege for events that are otherwise not being audited.

Table B-175 Use of privilege


Event Name	Event ID	Event Class	Mask
`AUE_UPRIV`	`521`	`no`	0x00000000

Previous: Kernel-Level Generated Audit Records
Next: X Server Protocol Audit Records