The AW_PRIVILEGE token places a privilege set into the audit record. This example logs the allowed privilege set for the specified executable file to the audit record.
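#include <tsol/priv.h>        /* priv_set_t, PRIV_EMPTY(), getfpriv() */
#include <bsm/auditwrite.h>   /* auditwrite() and the AW_* tokens */

int retval;
priv_set_t allowed_set;

/* Start from an empty set, then read the file's allowed privilege set. */
PRIV_EMPTY(&allowed_set);
retval = getfpriv("/export/home/zelda/program",
                  PRIV_ALLOWED,
                  &allowed_set);   /* the set is filled in through a pointer */

/* Place the allowed set into the audit record for this event. */
auditwrite(AW_EVENT,
           "AUE_second_signature",
           AW_PRIVILEGE, AU_PRIV_ALLOWED, &allowed_set,
           AW_WRITE, AW_END);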
The viewing terminal shows this record:
header,116,3,second signature requested,,Fri Mar 21 10:12:21 1997, + 809 msec
privilege,allowed,proc_audit_appl
subject,zelda,zelda,staff,zelda,staff,420,286,0 0 phoenix
slabel,C
return,success,0