Managing Auditing in Oracle® Solaris 11.2


Updated: July 2014
 
 

How to Configure Per-Zone Auditing

This procedure enables separate zone administrators to control the audit service in their zone. For the complete list of policy options, see the auditconfig(1M) man page.

Before You Begin

To configure auditing, you must become an administrator who is assigned the Audit Configuration rights profile. To enable the audit service, you must become an administrator who is assigned the Audit Control rights profile. For more information, see Using Your Assigned Administrative Rights in Securing Users and Processes in Oracle Solaris 11.2.

  1. In the global zone, configure auditing.
    1. Complete the tasks in Configuring the Audit Service.
    2. Add the perzone audit policy. For the command, see Example 3–12.

      Note -  You are not required to enable the audit service in the global zone.
  2. In each non-global zone that you plan to audit, configure the audit files.
    1. Complete the tasks in Configuring the Audit Service.
    2. Do not configure system-wide audit settings.

      Specifically, do not add the perzone or ahlt policy to the non-global zone.

  3. Enable auditing in your zone.
    myzone# audit -s

Example 3-18  Disabling Auditing in a Non-Global Zone

This example works if the perzone audit policy is set. The zone administrator of the noaudit zone disables auditing for that zone.

noauditzone # auditconfig -getcond
audit condition = auditing
noauditzone # audit -t
noauditzone # auditconfig -getcond
audit condition = noaudit
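
A check for steps 1 and 2 of the procedure above, as an added example that is not part of the Oracle documentation: it confirms that the global zone carries the perzone policy and that a non-global zone carries neither perzone nor ahlt. The function names are hypothetical, the sample outputs are constructed, and the script assumes that `auditconfig -getpolicy` prints a line of the form `configured audit policies = perzone,cnt`; only that configured line is examined.

```shell
#!/bin/sh
# Added example (not Oracle's code): check a zone's configured audit policy
# against the per-zone procedure. Assumption: `auditconfig -getpolicy` prints
# a line of the form "configured audit policies = perzone,cnt".

# configured_policies TEXT -> comma-separated configured policy list
configured_policies() {
    printf '%s\n' "$1" | sed -n 's/^configured audit policies = *//p' | tr -d ' '
}

# has_policy NAME LIST -> success if NAME is an element of LIST
has_policy() {
    case ",$2," in
        *",$1,"*) return 0 ;;
    esac
    return 1
}

# check_zone_policy ZONE TEXT -> prints findings; returns 0 when the zone
# matches the procedure, 1 otherwise
check_zone_policy() {
    list=$(configured_policies "$2")
    rc=0
    if [ "$1" = global ]; then
        # Step 1: the global zone must carry the perzone policy.
        has_policy perzone "$list" || { echo "global: perzone is not set"; rc=1; }
    else
        # Step 2: system-wide policies must not be set in a non-global zone.
        for p in perzone ahlt; do
            if has_policy "$p" "$list"; then
                echo "$1: remove system-wide policy $p"
                rc=1
            fi
        done
    fi
    return $rc
}

# Constructed sample outputs, for reading the script away from Solaris.
SAMPLE_GLOBAL='configured audit policies = perzone,cnt
active audit policies = perzone,cnt'
SAMPLE_BAD_ZONE='configured audit policies = ahlt,cnt
active audit policies = ahlt,cnt'

# On a Solaris system, check the live configuration of the current zone.
if command -v auditconfig >/dev/null 2>&1 && command -v zonename >/dev/null 2>&1; then
    check_zone_policy "$(zonename)" "$(auditconfig -getpolicy)"
fi
```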