exec_env Token
The exec_env token records the current environment variables to an exec() system call. The exec_env token has two fixed fields:
-
A token ID field that identifies this token as an exec_env token
-
A count that represents the number of arguments that are passed to the exec() system call
The remainder of this token is composed of zero or more null-terminated strings. The praudit command displays the exec_env token as follows:
exec_env,25, GROUP=staff,HOME=/export/home/matrix,HOST=mestrix,HOSTTYPE=sun4u,HZ=100, LC_COLLATE=en_US.ISO8859-1,LC_CTYPE=en_US.ISO8859-1,LC_MESSAGES=C, LC_MONETARY=en_US.ISO8859-1,LC_NUMERIC=en_US.ISO8859-1, LC_TIME=en_US.ISO8859-1,LOGNAME=matrix,MACHTYPE=sparc, MAIL=/var/mail/matrix,OSTYPE=solaris,PATH=/usr/sbin:/usr/bin,PS1=#, PWD=/var/audit,REMOTEHOST=192.168.13.5,SHELL=/usr/bin/csh,SHLVL=1, TERM=dtterm,TZ=US/Pacific,USER=matrix,VENDOR=sun |
The following figure shows the format of an exec_env token.
Figure 23–9 exec_env Token Format
Note –
The exec_env token is output only when the audit policy arge is active.
- © 2010, Oracle Corporation and/or its affiliates