test

System Administration Guide: Security Services

process Token

The process token contains information about a user who is associated with a process, such as the recipient of a signal.

The process token has nine fields:

The audit ID, user ID, group ID, process ID, and session ID are long instead of short.

Note –

The process token fields for the session ID, the real user ID, or the real group ID might be unavailable. The value is then set to -1.

Any token that contains a terminal ID has several variations. The praudit command hides these variations. So, the terminal ID is handled the same way for any token that contains a terminal ID. The terminal ID is either an IP address and port number, or a device ID. A device ID, such as the serial port that is connected to a modem, can be zero. The terminal ID is specified in one of several formats.

The terminal ID for device numbers is specified as follows:

In releases prior to the Solaris 8 release, the terminal ID for port numbers is specified as follows:

Since the Solaris 8 release, the terminal ID for port numbers is specified as follows:

The praudit -x command shows the fields of the process token. The line is wrapped for display purposes.


<process audit-uid="-2" uid="root" gid="root" ruid="root" 
rgid="root" pid="9" sid="0" tid="0 0 0.0.0.0"/>

The following figure shows the format of a process token.

Figure 31–5 process Token Format

The preceding context describes the graphic.