audit_user(4)

NAME | SYNOPSIS | DESCRIPTION | EXAMPLES | SUMMARY OF TRUSTED SOLARIS CHANGES | FILES | SEE ALSO

NAME

audit_user- Per-user auditing data file

SYNOPSIS

/etc/security/audit_user

DESCRIPTION

audit_user is an access-restricted plain text system file that stores per-user auditing preselection data. Programs use the getauusernam(3) to access this information.

The fields for each user entry are separated by colons. Each user is separated from the next by a newline. audit_user does not have general read permission.

Each entry in the audit_user file has the form:

---

username:always-audit-flags:never-audit-flags

---

The fields are defined as follows:

username

The user's login name.

always-audit-flags

Flags specifying event classes to always audit.

never-audit-flags

Flags specifying event classes to never audit.

EXAMPLES

---

Example 1 Sample audit_user file.




Here is a sample audit_user file:

other:lo,ad:io,cl freda:lo,ex,+fc,-fr,-fa:io,cl ethel:lo,ex,nt:io,cl

---

SUMMARY OF TRUSTED SOLARIS CHANGES

By default, auditing is enabled in the Trusted Solaris environment. See Trusted Solaris Audit Administration for how to disable and enable auditing.

FILES

/etc/security/audit_user

Per-user auditing data file.

/etc/passwd

Per-machine user password file.

SEE ALSO

Trusted Solaris 7 Reference Manual

getauusernam(3), audit_control(4)

Trusted Solaris Audit Administration

SunOS 5.7 Reference Manual

passwd(4)

Trusted Solaris 7  Last Revised 5 May 1998

NAME | SYNOPSIS | DESCRIPTION | EXAMPLES | SUMMARY OF TRUSTED SOLARIS CHANGES | FILES | SEE ALSO