Managing Auditing in Oracle® Solaris 11.2

Exit Print View

Updated: July 2014
 
 

ipc Token

The ipc token contains the System V IPC message handle, semaphore handle, or shared-memory handle that is used by the caller to identify a particular IPC object.

The IPC object identifiers violate the context-free nature of the audit tokens. No global “name” uniquely identifies IPC objects. Instead, IPC objects are identified by their handles. The handles are valid only during the time that the IPC objects are active. However, the identification of IPC objects should not be a problem. The System V IPC mechanisms are seldom used, and the mechanisms all share the same audit class.

The following table shows the possible values for the IPC object type field. The values are defined in the /usr/include/bsm/audit.h file.

Table 7-2  Values for the IPC Object Type Field
Name
Value
Description
AU_IPC_MSG
1
IPC message object
AU_IPC_SEM
2
IPC semaphore object
AU_IPC_SHM
3
IPC shared-memory object

The praudit -x command shows the fields of the ipc token as follows:

<IPC ipc-type="shm" ipc-id="15"/>