[Go to CFHT Home Page] Man Pages
Back to Software Index  BORDER=0Manpage Top Level
    audit_user(4) manual page Table of Contents

Name

audit_user - per-user auditing data file

Synopsis

/etc/security/audit_user

Availability

The functionality described in this man page is available only if the Basic Security Module (BSM) has been enabled. See bsmconv(1M) for more information.

Description

audit_user is an access-restricted ASCII system file that stores per-user auditing preselection data. Programs use the getauusernam(3) routines to access this information.

The fields for each user entry are separated by colons. Each user is separated from the next by a newline. audit_user does not have general read permission.

Each entry in the audit_user file has the form:

username:always-audit-flags:never-audit-flagsThe fields are defined as follows:
username
The user’s login name.
always-audit-flags
Flags specifying event classes to always audit.
never-audit-flags
Flags specifying event classes to never audit.

Examples

Here is a sample audit_user file: 


other:lo,ad:io,cl
fred:lo,ex,+fc,-fr,-fa:io,cl
ethyl:lo,ex,nt:io,cl

Files


/etc/security/audit_user/etc/passwd

See Also

bsmconv(1M) , getauusernam(3) , audit_control(4) , passwd(4)

Table of Contents