Skip Navigation Links | |
Exit Print View | |
System Administration Guide: Security Services Oracle Solaris 11 Express 11/10 |
1. Security Services (Overview)
Part II System, File, and Device Security
2. Managing Machine Security (Overview)
3. Controlling Access to Systems (Tasks)
4. Virus Scanning Service (Tasks)
5. Controlling Access to Devices (Tasks)
6. Using the Basic Audit Reporting Tool (Tasks)
7. Controlling Access to Files (Tasks)
Part III Roles, Rights Profiles, and Privileges
8. Using Roles and Privileges (Overview)
9. Using Role-Based Access Control (Tasks)
10. Role-Based Access Control (Reference)
Part IV Oracle Solaris Cryptographic Services
13. Oracle Solaris Cryptographic Framework (Overview)
14. Oracle Solaris Cryptographic Framework (Tasks)
15. Oracle Solaris Key Management Framework
Part V Authentication Services and Secure Communication
16. Using Authentication Services (Tasks)
19. Using Solaris Secure Shell (Tasks)
20. Solaris Secure Shell (Reference)
21. Introduction to the Kerberos Service
22. Planning for the Kerberos Service
23. Configuring the Kerberos Service (Tasks)
24. Kerberos Error Messages and Troubleshooting
25. Administering Kerberos Principals and Policies (Tasks)
26. Using Kerberos Applications (Tasks)
27. The Kerberos Service (Reference)
Part VII Oracle Solaris Auditing
28. Oracle Solaris Auditing (Overview)
How Is Auditing Related to Security?
Audit Terminology and Concepts
Audit Classes and Preselection
Audit Records and Audit Tokens
Storing and Managing the Audit Trail
Auditing on a System With Zones
29. Planning for Oracle Solaris Auditing
30. Managing Oracle Solaris Auditing (Tasks)
The following features have been introduced to Oracle Solaris auditing:
Enabled by default.
No reboot is required.
Oracle Solaris auditing is a service. See Oracle Solaris Audit Service.
The auditconfig command is used to display and change audit policy, non-attributable flags, attributable flags, plugins, and queue controls. See the auditconfig(1M) man page.
The rights profiles for auditing have been reconfigured. See Rights Profiles for Administering Auditing.
Oracle Solaris supplies three plugins, audit_binfile, audit_remote, and audit_syslog. See the audit_binfile(5), audit_remote(5), and audit_syslog(5) man pages.
The audit_flags keyword is used to configure user exceptions to system-wide auditing. The keyword is an argument to the useradd, usermod, roleadd, and rolemod commands. The audit_flags value is stored in the user_attr database. See the useradd(1M), usermod(1M), roleadd(1M), rolemod(1M), and user_attr(4) man pages.
By default, lo events are audited for the system. By default, no user or role is configured for auditing.