Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

au_user_mask(3bsm) [sunos man page]

au_user_mask(3BSM)														au_user_mask(3BSM)

NAME
au_user_mask - get user's binary preselection mask SYNOPSIS
cc [ flag... ] file... -lbsm -lsocket -lnsl [ library... ] #include <bsm/libbsm.h> int au_user_mask(char *username, au_mask_t *mask_p); The au_user_mask() function reads the default, system wide audit classes from audit_control(4), combines them with the per-user audit classes from the audit_user(4) database, and updates the binary preselection mask pointed to by mask_p with the combined value. The audit flags in the flags field of the audit_control(4) database and the always-audit-flags and never-audit-flags from the audit_user(4) database represent binary audit classes. These fields are combined by au_preselect(3BSM) as follows: mask = ( flags + always-audit-flags) - never-audit-flags The au_user_mask() function fails only if both the both the audit_control(4) and the audit_user(4) database entries could not be retrieved. This allows for flexible configurations. Upon successful completion, au_user_mask() returns 0. It fails and returns -1 if both the audit_control(4) and the audit_user(4) database entries could not be retrieved. /etc/security/audit_control file containing default parameters read by the audit daemon, auditd(1M) /etc/security/audit_user file that stores per-user audit event mask See attributes(5) for descriptions of the following attributes: +-----------------------------+-----------------------------+ | ATTRIBUTE TYPE | ATTRIBUTE VALUE | +-----------------------------+-----------------------------+ |Interface Stability |Stable | +-----------------------------+-----------------------------+ |MT-Level |MT-Safe | +-----------------------------+-----------------------------+ login(1), bsmconv(1M), getaudit(2), setaudit(2), au_preselect(3BSM), getacinfo(3BSM), getauusernam(3BSM), audit_control(4), audit_user(4), attributes(5) The au_user_mask() function should be called by programs like login(1) which set a process's preselection mask with setaudit(2). getau- dit(2) should be used to obtain audit characteristics for the current process. The functionality described on this manual page is available only if the Basic Security Module (BSM) has been enabled. See bsmconv(1M) for more information. 31 Mar 2005 au_user_mask(3BSM)

Check Out this Related Man Page

audit_user(4)							   File Formats 						     audit_user(4)

NAME
audit_user - per-user auditing data file SYNOPSIS
/etc/security/audit_user DESCRIPTION
audit_user is an access-restricted database that stores per-user auditing preselection data. You can use the audit_user file with other authorization sources, including the NIS map audit_user.byname and the NIS+ table audit_user. Programs use the getauusernam(3BSM) routines to access this information. The search order for multiple user audit information sources is specified in the /etc/nsswitch.conf file. See nsswitch.conf(4). The lookup follows the search order for passwd(4). The fields for each user entry are separated by colons (:). Each user is separated from the next by a newline. audit_user does not have general read permission. Each entry in the audit_user file has the form: username:always-audit-flags:never-audit-flags The fields are defined as follows: username User's login name. always-audit-flags Flags specifying event classes to always audit. never-audit-flags Flags specifying event classes to never audit. For a complete description of the audit flags and how to combine them, see audit_control(4). EXAMPLES
Example 1: Using the audit_user File other:lo,am:io,cl fred:lo,ex,+fc,-fr,-fa:io,cl ethyl:lo,ex,nt:io,cl FILES
/etc/nsswitch.conf /etc/passwd /etc/security/audit_user ATTRIBUTES
See attributes(5) for descriptions of the following attributes: +-----------------------------+-----------------------------+ | ATTRIBUTE TYPE | ATTRIBUTE VALUE | +-----------------------------+-----------------------------+ |Interface Stability | See below | +-----------------------------+-----------------------------+ The file format stability is evolving. The file content is unstable. SEE ALSO
bsmconv(1M), getauusernam(3BSM), audit_control(4), nsswitch.conf(4), passwd(4) NOTES
This functionality is available only if the Basic Security Module (BSM) has been enabled. See bsmconv(1M) for more information. SunOS 5.10 2 Jan 2003 audit_user(4)
Man Page