NAME | SYNOPSIS | DESCRIPTION | EXAMPLES | FILES | SEE ALSO | NOTES
/etc/security/audit_user
audit_user is an access-restricted ASCII system file that stores per-user auditing preselection data. Programs use the getauusernam(3) routines to access this information.
The fields for each user entry are separated by colons. Each user is separated from the next by a newline. audit_user does not have general read permission.
Each entry in the audit_user file has the form:
username:always-audit-flags:never-audit-flags
The fields are defined as follows:
The user's login name.
Flags specifying event classes to always audit.
Flags specifying event classes to never audit.
Here is a sample audit_user file:
other:lo,ad:io,cl fred:lo,ex,+fc,-fr,-fa:io,cl ethyl:lo,ex,nt:io,cl |
The functionality described in this man page is available only if the Basic Security Module (BSM) has been enabled. See bsmconv(1M) for more information.
NAME | SYNOPSIS | DESCRIPTION | EXAMPLES | FILES | SEE ALSO | NOTES