diff options
Diffstat (limited to 'usr/src/man/man4')
| -rw-r--r-- | usr/src/man/man4/Makefile | 2 | ||||
| -rw-r--r-- | usr/src/man/man4/audit.log.4 | 29 | ||||
| -rw-r--r-- | usr/src/man/man4/audit_class.4 | 25 | ||||
| -rw-r--r-- | usr/src/man/man4/audit_control.4 | 343 | ||||
| -rw-r--r-- | usr/src/man/man4/audit_event.4 | 23 | ||||
| -rw-r--r-- | usr/src/man/man4/audit_user.4 | 132 | ||||
| -rw-r--r-- | usr/src/man/man4/device_allocate.4 | 14 | ||||
| -rw-r--r-- | usr/src/man/man4/device_maps.4 | 13 | ||||
| -rw-r--r-- | usr/src/man/man4/exec_attr.4 | 4 | ||||
| -rw-r--r-- | usr/src/man/man4/nscd.conf.4 | 9 | ||||
| -rw-r--r-- | usr/src/man/man4/nsswitch.conf.4 | 6 |
11 files changed, 32 insertions, 568 deletions
diff --git a/usr/src/man/man4/Makefile b/usr/src/man/man4/Makefile index afdebd1834..5d3a176ef7 100644 --- a/usr/src/man/man4/Makefile +++ b/usr/src/man/man4/Makefile @@ -28,9 +28,7 @@ _MANFILES= Intro.4 \ au.4 \ audit.log.4 \ audit_class.4 \ - audit_control.4 \ audit_event.4 \ - audit_user.4 \ auth_attr.4 \ autofs.4 \ bart_manifest.4 \ diff --git a/usr/src/man/man4/audit.log.4 b/usr/src/man/man4/audit.log.4 index c858adf0fc..44c9b17e9c 100644 --- a/usr/src/man/man4/audit.log.4 +++ b/usr/src/man/man4/audit.log.4 @@ -1,9 +1,10 @@ '\" te +.\" Copyright (c) 2017 Peter Tribble .\" Copyright (c) 2009, Sun Microsystems, Inc. All Rights Reserved .\" The contents of this file are subject to the terms of the Common Development and Distribution License (the "License"). You may not use this file except in compliance with the License. You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE or http://www.opensolaris.org/os/licensing. .\" See the License for the specific language governing permissions and limitations under the License. When distributing Covered Code, include this CDDL HEADER in each file and include the License file at usr/src/OPENSOLARIS.LICENSE. If applicable, add the following below this CDDL HEADER, with .\" the fields enclosed by brackets "[]" replaced with your own identifying information: Portions Copyright [yyyy] [name of copyright owner] -.TH AUDIT.LOG 4 "May 29, 2009" +.TH AUDIT.LOG 4 "Mar 6, 2017" .SH NAME audit.log \- audit trail file .SH SYNOPSIS @@ -18,19 +19,18 @@ audit.log \- audit trail file .fi .SH DESCRIPTION -.sp .LP \fBaudit.log\fR files are the depository for audit records stored locally or on -an on an NFS-mounted audit server. These files are kept in directories named in -the file \fBaudit_control\fR(4) using the \fBdir\fR option. They are named to -reflect the time they are created and are, when possible, renamed to reflect -the time they are closed as well. The name takes the form +an NFS-mounted audit server. These files are kept in directories as specified +by the \fBp_dir\fR attribute of the \fBaudit_binfile\fR(5) plugin. They are +named to reflect the time they are created and are, when possible, renamed to +reflect the time they are closed as well. The name takes the form .sp .LP \fIyyyymmddhhmmss\fR\fB\&.not_terminated.\fR\fIhostname\fR .sp .LP -when open or if the \fBauditd\fR(1M) terminated ungracefully, and the form +when open or if \fBauditd\fR(1M) terminated ungracefully, and the form .sp .LP \fIyyyymmddhhmmss\fR\fB\&.\fR\fIyyyymmddhhmmss\fR\fB\&.\fR\fIhostname\fR @@ -42,7 +42,7 @@ in the month, \fBhh\fR hour in the day, \fBmm\fR minute in the hour, and .sp .LP Audit data is generated in the binary format described below; the default for -Solaris audit is binary format. See \fBaudit_syslog\fR(5) for an alternate data +audit is binary format. See \fBaudit_syslog\fR(5) for an alternate data format. .sp .LP @@ -767,7 +767,6 @@ creator UID 4 bytes .in -2 .SH ATTRIBUTES -.sp .LP See \fBattributes\fR(5) for descriptions of the following attributes: .sp @@ -786,17 +785,11 @@ Interface Stability See below. .LP The binary file format is Committed. The binary file contents is Uncommitted. .SH SEE ALSO -.sp .LP -\fBaudit\fR(1M), \fBauditd\fR(1M), \fBbsmconv\fR(1M), \fBaudit\fR(2), -\fBauditon\fR(2), \fBau_to\fR(3BSM), \fBaudit_control\fR(4), -\fBaudit_syslog\fR(5) -.sp -.LP -Part\ VII, \fISolaris Auditing,\fR in \fISystem Administration Guide: Security -Services\fR +\fBaudit\fR(1M), \fBauditd\fR(1M), \fBaudit\fR(2), +\fBauditon\fR(2), \fBau_to\fR(3BSM), +\fBaudit_binfile\fR(5), \fBaudit_remote\fR(5), \fBaudit_syslog\fR(5) .SH NOTES -.sp .LP Each token is generally written using the \fBau_to\fR(3BSM) family of function calls. diff --git a/usr/src/man/man4/audit_class.4 b/usr/src/man/man4/audit_class.4 index a3f3aa6db9..141c1d5996 100644 --- a/usr/src/man/man4/audit_class.4 +++ b/usr/src/man/man4/audit_class.4 @@ -3,7 +3,7 @@ .\" The contents of this file are subject to the terms of the Common Development and Distribution License (the "License"). You may not use this file except in compliance with the License. .\" You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE or http://www.opensolaris.org/os/licensing. See the License for the specific language governing permissions and limitations under the License. .\" When distributing Covered Code, include this CDDL HEADER in each file and include the License file at usr/src/OPENSOLARIS.LICENSE. If applicable, add the following below this CDDL HEADER, with the fields enclosed by brackets "[]" replaced with your own identifying information: Portions Copyright [yyyy] [name of copyright owner] -.TH AUDIT_CLASS 4 "Jun 26, 2008" +.TH AUDIT_CLASS 4 "Mar 6, 2017" .SH NAME audit_class \- audit class definitions .SH SYNOPSIS @@ -13,15 +13,13 @@ audit_class \- audit class definitions .fi .SH DESCRIPTION -.sp .LP \fB/etc/security/audit_class\fR is a user-configurable ASCII system file that stores class definitions used in the audit system. Audit events in \fBaudit_event\fR(4) are mapped to one or more of the defined audit classes. \fBaudit_event\fR can be updated in conjunction with changes to -\fBaudit_class\fR. See \fBaudit_control\fR(4) and \fBaudit_user\fR(4) for -information about changing the preselection of audit classes in the audit -system. Programs can use the \fBgetauclassent\fR(3BSM) routines to access audit +\fBaudit_class\fR. +Programs can use the \fBgetauclassent\fR(3BSM) routines to access audit class information. .sp .LP @@ -138,7 +136,6 @@ The following is an example of an \fBaudit_class\fR file: .sp .SH FILES -.sp .ne 2 .na \fB\fB/etc/security/audit_class\fR\fR @@ -148,7 +145,6 @@ The following is an example of an \fBaudit_class\fR file: .RE .SH ATTRIBUTES -.sp .LP See \fBattributes\fR(5) for descriptions of the following attributes: .sp @@ -167,22 +163,11 @@ Interface Stability See below. .LP The file format stability is Committed. The file content is Uncommitted. .SH SEE ALSO -.sp .LP -\fBbsmconv\fR(1M), \fBau_preselect\fR(3BSM), \fBgetauclassent\fR(3BSM), -\fBaudit_control\fR(4), \fBaudit_event\fR(4), \fBaudit_user\fR(4), -\fBattributes\fR(5) -.sp -.LP -Part\ VII, \fISolaris Auditing,\fR in \fISystem Administration Guide: Security -Services\fR +\fBau_preselect\fR(3BSM), \fBgetauclassent\fR(3BSM), +\fBaudit_event\fR(4), \fBattributes\fR(5) .SH NOTES -.sp .LP It is possible to deliberately turn on the \fBno\fR class in the kernel, in which case the audit trail will be flooded with records for the audit event \fBAUE_NULL\fR. -.sp -.LP -This functionality is available only if Solaris Auditing has been enabled. See -\fBbsmconv\fR(1M) for more information. diff --git a/usr/src/man/man4/audit_control.4 b/usr/src/man/man4/audit_control.4 deleted file mode 100644 index 740467589d..0000000000 --- a/usr/src/man/man4/audit_control.4 +++ /dev/null @@ -1,343 +0,0 @@ -'\" te -.\" Copyright (c) 2009, Sun Microsystems, Inc. -.\" The contents of this file are subject to the terms of the Common Development and Distribution License (the "License"). You may not use this file except in compliance with the License. You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE or http://www.opensolaris.org/os/licensing. -.\" See the License for the specific language governing permissions and limitations under the License. When distributing Covered Code, include this CDDL HEADER in each file and include the License file at usr/src/OPENSOLARIS.LICENSE. If applicable, add the following below this CDDL HEADER, with -.\" the fields enclosed by brackets "[]" replaced with your own identifying information: Portions Copyright [yyyy] [name of copyright owner] -.TH AUDIT_CONTROL 4 "Apr 16, 2009" -.SH NAME -audit_control \- control information for system audit daemon -.SH SYNOPSIS -.LP -.nf -\fB/etc/security/audit_control\fR -.fi - -.SH DESCRIPTION -.sp -.LP -The \fBaudit_control\fR file contains audit control information used by -\fBauditd\fR(1M). Each line consists of a title and a string, separated by a -colon. There are no restrictions on the order of lines in the file, although -some lines must appear only once. A line beginning with `\fB#\fR' is a comment. -A line can be continued with the use of the backslash (\fB\e\fR) convention. -(See EXAMPLES.) -.sp -.LP -Directory definition lines list the directories to be used when creating audit -files, in the order in which they are to be used. The format of a directory -line is: -.sp -.LP -\fBdir:\fR\fIdirectory-name\fR -.sp -.LP -\fIdirectory-name\fR is where the audit files will be created. Any valid -writable directory can be specified. -.sp -.LP -The following configuration is recommended: -.sp -.LP -\fB/etc/security/audit/\fIserver\fR/files\fR -.sp -.LP -where \fIserver\fR is the name of a central machine, since audit files -belonging to different servers are usually stored in separate subdirectories of -a single audit directory. The naming convention normally has \fIserver\fR be a -directory on a server machine, and all clients mount -\fB/etc/security/audit/\fR\fIserver\fR at the same location in their local file -systems. If the same server exports several different file systems for -auditing, their \fIserver\fR names will, of course, be different. -.sp -.LP -There are several other ways for audit data to be arranged: some sites may have -needs more in line with storing each host's audit data in separate -subdirectories. The audit structure used will depend on each individual site. -.sp -.LP -The audit threshold line specifies the percentage of free space that must be -present in the file system containing the current audit file. The format of the -threshold line is: -.sp -.LP -\fBminfree:\fR\fIpercentage\fR -.sp -.LP -where \fIpercentage\fR is indicates the amount of free space required. If free -space falls below this threshold, the audit daemon \fBauditd\fR(1M) invokes the -shell script \fBaudit_warn\fR(1M). If no threshold is specified, the default is -0%. -.sp -.LP -The \fBplugin\fR definition line selects a plugin to be loaded by the audit -daemon for processing audit records. -.sp -.LP -The format of a plugin line is: -.sp -.in +2 -.nf -plugin: \fIkeyword1\fR=\fIvalue1\fR;\fIkeyword2\fR=\fIvalue2\fR; -.fi -.in -2 -.sp - -.sp -.LP -The following keywords are defined: -.sp -.ne 2 -.na -\fB\fBname\fR\fR -.ad -.RS 9n -The value is the pathname of the plugin. This specification is required. -.RE - -.sp -.ne 2 -.na -\fB\fBqsize\fR\fR -.ad -.RS 9n -The value is the maximum number of records to queue for audit data sent to the -plugin. If omitted, the current hiwater mark (see the \fB-getqctrl\fR of -\fBauditconfig\fR(1M)) is used. When this maximum is reached, \fBauditd\fR will -either block or discard data, depending on the audit policy \fBcnt\fR. See -\fBauditconfig\fR(1M). -.RE - -.sp -.ne 2 -.na -\fB\fBp_*\fR\fR -.ad -.RS 9n -A keyword with the prefix \fBp_\fR is passed to the plugin defined by the value -associated with the \fBname\fR attribute. These attributes are defined for each -plugin. By convention, if the value associated with a \fBplugin\fR attribute is -a list, the list items are separated with commas. -.RE - -.sp -.LP -If pathname is a relative path (it does not start with \fB/\fR) the library -path will be taken as relative to \fB/usr/lib/security/$ISA\fR. The \fB$ISA\fR -token is replaced by an implementation-defined directory name that defines the -path relative to the \fBauditd\fR(1M) instruction set architecture. -.sp -.LP -See \fBaudit_syslog\fR(5) for the attributes expected for \fBplugin: -name=audit_syslog.so\fR. -.sp -.LP -No plugin specifier is required for generation of a binary audit log. However, -to set a queue size of other than the default, a plugin line with -\fBname=audit_binfile.so\fR can be used as described in \fBaudit_binfile\fR(5). -.sp -.LP -You must specify one or more plugins. (In the case of \fBaudit_binfile.so\fR, -use of \fBdir:\fR or \fBplugin:\fR suffices.) -.sp -.LP -The audit flags line specifies the default system audit value. This value is -combined with the user audit value read from \fBaudit_user\fR(4) to form a -user's process preselection mask. -.sp -.LP -The algorithm for obtaining the process preselection mask is as follows: the -audit flags from the \fBflags:\fR line in the \fBaudit_control\fR file are -added to the flags from the \fBalways-audit\fR field in the user's entry in the -\fBaudit_user\fR file. The flags from the \fBnever-audit\fR field from the -user's entry in the \fBaudit_user\fR file are then subtracted from the total: -.sp -.in +2 -.nf -user's process preselection mask = - (flags: line + always audit flags) - never audit flags -.fi -.in -2 -.sp - -.sp -.LP -The format of a flags line is: -.sp -.LP -\fBflags:\fR\fIaudit-flags\fR -.sp -.LP -where \fIaudit-flags\fR specifies which event classes are to be audited. The -character string representation of \fIaudit-flags\fR contains a series of flag -names, each one identifying a single audit class, separated by commas. A name -preceded by `\fB\(mi\fR\&' means that the class should be audited for failure -only; successful attempts are not audited. A name preceded by `\fB+\fR' means -that the class should be audited for success only; failing attempts are not -audited. Without a prefix, the name indicates that the class is to be audited -for both successes and failures. The special string \fBall\fR indicates that -all events should be audited; \fB\(miall\fR indicates that all failed attempts -are to be audited, and \fB+all\fR all successful attempts. The prefixes -\fB^\fR, \fB^\(mi\fR, and \fB^+\fR turn off flags specified earlier in the -string (\fB^\(mi\fR and \fB^+\fR for failing and successful attempts, \fB^\fR -for both). They are typically used to reset flags. -.sp -.LP -The non-attributable flags line is similar to the flags line, but this one -contain the audit flags that define what classes of events are audited when an -action cannot be attributed to a specific user. The format of a \fBnaflags\fR -line is: -.sp -.LP -\fBnaflags:\fR\fIaudit-flags\fR -.sp -.LP -The flags are separated by commas, with no spaces. See \fBaudit_class\fR(4) for -a list of the predefined audit classes. Note that the classes are configurable -as also described in \fBaudit_class\fR(4). -.sp -.LP -A line can be continued by appending a backslash (\fB\e\fR). -.SH EXAMPLES -.LP -\fBExample 1 \fRSample \fBaudit_control\fR File for Specific Host -.sp -.LP -The following is a sample \fB/etc/security/audit_control\fR file for the -machine \fBeggplant\fR. - -.sp -.LP -The file's contents identify server \fBjedgar\fR with two file systems normally -used for audit data, another server, \fBglobal\fR, used only when \fBjedgar\fR -fills up or breaks, and specifies that the warning script is run when the file -systems are 80% filled. It also specifies that all logins, administrative -operations are to be audited, whether or not they succeed. All failures except -failures to access object attributes are to be audited. - -.sp -.in +2 -.nf -dir: /etc/security/jedgar/eggplant -dir: /etc/security/jedgar.aux/eggplant -# -# Last-ditch audit file system when jedgar fills up. -# -dir: /etc/security/global/eggplant -minfree: 20 -flags: lo,ad,-all,^-fm -naflags: lo,ad -.fi -.in -2 -.sp - -.LP -\fBExample 2 \fRSample \fBaudit_control\fR File for syslog and Local Storage -.sp -.LP -Shown below is a sample \fB/etc/security/audit_control\fR file for syslog and -local storage. For the binary log, the output is all \fBlo\fR and \fBad\fR -records, all failures of class \fBfm\fR and any classes specified by means of -\fBaudit_user\fR(4). For syslog output, all \fBlo\fR records are output, only -failure \fBad\fR records are output, and no \fBfm\fR records are output. The -specification for the plugin is given in two lines. - -.sp -.in +2 -.nf -dir: /etc/security/jedgar/eggplant -dir: /etc/security/jedgar.aux/eggplant -# -# Last-ditch audit file system when jedgar fills up. -# -dir: /etc/security/global/eggplant -minfree: 20 -flags: lo,ad,-fm -naflags: lo,ad -plugin: name=audit_syslog.so;p_flags=lo,+ad;\e -qsize=512 -.fi -.in -2 -.sp - -.LP -\fBExample 3 \fROverriding the Default Queue Size -.sp -.LP -Shown below is a sample \fB/etc/security/audit_control\fR file that overrides -the default queue size for binary audit log file generation. - -.sp -.in +2 -.nf -dir: /etc/security/jedgar/eggplant -dir: /etc/security/jedgar.aux/eggplant -# -# Last-ditch audit file system when jedgar fills up. -# -dir: /etc/security/global/eggplant -minfree: 20 -flags: lo,ad,-fm -naflags: lo,ad -plugin: name=audit_binfile.so; qsize=256 -.fi -.in -2 -.sp - -.SH FILES -.sp -.LP -\fB/etc/security/audit_control\fR -.sp -.LP -\fB/etc/security/audit_warn\fR -.sp -.LP -\fB/etc/security/audit/*/*/*\fR -.sp -.LP -\fB/etc/security/audit_user\fR -.SH ATTRIBUTES -.sp -.LP -See \fBattributes\fR(5) for descriptions of the following attributes: -.sp - -.sp -.TS -box; -c | c -l | l . -ATTRIBUTE TYPE ATTRIBUTE VALUE -_ -Interface Stability Obsolete Committed -.TE - -.SH SEE ALSO -.sp -.LP -\fBaudit\fR(1M), \fBaudit_warn\fR(1M), \fBauditd\fR(1M), \fBbsmconv\fR(1M), -\fBaudit\fR(2), \fBgetfauditflags\fR(3BSM), \fBaudit.log\fR(4), -\fBaudit_class\fR(4), \fBaudit_user\fR(4), \fBattributes\fR(5), -\fBaudit_binfile\fR(5), \fBaudit_syslog\fR(5) -.sp -.LP -Part\ VII, \fISolaris Auditing,\fR in \fISystem Administration Guide: Security -Services\fR -.SH NOTES -.sp -.LP -Use of the plugin configuration line to include \fBaudit_syslog.so\fR requires -that \fB/etc/syslog.conf\fR be configured for audit data. See -\fBaudit_syslog\fR(5) for more details. -.sp -.LP -Configuration changes do not affect audit sessions that are currently running, -as the changes do not modify a process's preselection mask. To change the -preselection mask on a running process, use the \fB-setpmask\fR option of the -\fBauditconfig\fR command (see \fBauditconfig\fR(1M)). If the user logs out and -logs back in, the new configuration changes will be reflected in the next audit -session. -.sp -.LP -This file is Obsolete and may be removed and replaced with equivalent -functionality in a future release of Solaris. diff --git a/usr/src/man/man4/audit_event.4 b/usr/src/man/man4/audit_event.4 index 8d1ab89581..b1b0935138 100644 --- a/usr/src/man/man4/audit_event.4 +++ b/usr/src/man/man4/audit_event.4 @@ -3,7 +3,7 @@ .\" The contents of this file are subject to the terms of the Common Development and Distribution License (the "License"). You may not use this file except in compliance with the License. .\" You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE or http://www.opensolaris.org/os/licensing. See the License for the specific language governing permissions and limitations under the License. .\" When distributing Covered Code, include this CDDL HEADER in each file and include the License file at usr/src/OPENSOLARIS.LICENSE. If applicable, add the following below this CDDL HEADER, with the fields enclosed by brackets "[]" replaced with your own identifying information: Portions Copyright [yyyy] [name of copyright owner] -.TH AUDIT_EVENT 4 "Jun 26, 2008" +.TH AUDIT_EVENT 4 "Mar 6, 2017" .SH NAME audit_event \- audit event definition and class mapping .SH SYNOPSIS @@ -13,14 +13,12 @@ audit_event \- audit event definition and class mapping .fi .SH DESCRIPTION -.sp .LP \fB/etc/security/audit_event\fR is a user-configurable ASCII system file that stores event definitions used in the audit system. As part of this definition, each event is mapped to one or more of the audit classes defined in -\fBaudit_class\fR(4). See \fBaudit_control\fR(4) and \fBaudit_user\fR(4) for -information about changing the preselection of audit classes in the audit -system. Programs can use the \fBgetauevent\fR(3BSM) routines to access audit +\fBaudit_class\fR(4). +Programs can use the \fBgetauevent\fR(3BSM) routines to access audit event information. .sp .LP @@ -142,7 +140,6 @@ The following is an example of some \fBaudit_event\fR file entries: .sp .SH ATTRIBUTES -.sp .LP See \fBattributes\fR(5) for descriptions of the following attributes: .sp @@ -161,7 +158,6 @@ Interface Stability See below. .LP The file format stability is Committed. The file content is Uncommitted. .SH FILES -.sp .ne 2 .na \fB\fB/etc/security/audit_event\fR\fR @@ -171,16 +167,5 @@ The file format stability is Committed. The file content is Uncommitted. .RE .SH SEE ALSO -.sp -.LP -\fBbsmconv\fR(1M), \fBgetauevent\fR(3BSM), \fBaudit_class\fR(4), -\fBaudit_control\fR(4), \fBaudit_user\fR(4) -.sp -.LP -Part\ VII, \fISolaris Auditing,\fR in \fISystem Administration Guide: Security -Services\fR -.SH NOTES -.sp .LP -This functionality is available only if Solaris Auditing has been enabled. See -\fBbsmconv\fR(1M) for more information. +\fBgetauevent\fR(3BSM), \fBaudit_class\fR(4) diff --git a/usr/src/man/man4/audit_user.4 b/usr/src/man/man4/audit_user.4 deleted file mode 100644 index 2b499ba345..0000000000 --- a/usr/src/man/man4/audit_user.4 +++ /dev/null @@ -1,132 +0,0 @@ -'\" te -.\" Copyright (c) 2008, Sun Microsystems, Inc. All Rights Reserved -.\" The contents of this file are subject to the terms of the Common Development and Distribution License (the "License"). You may not use this file except in compliance with the License. -.\" You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE or http://www.opensolaris.org/os/licensing. See the License for the specific language governing permissions and limitations under the License. -.\" When distributing Covered Code, include this CDDL HEADER in each file and include the License file at usr/src/OPENSOLARIS.LICENSE. If applicable, add the following below this CDDL HEADER, with the fields enclosed by brackets "[]" replaced with your own identifying information: Portions Copyright [yyyy] [name of copyright owner] -.TH AUDIT_USER 4 "Feb 25, 2017" -.SH NAME -audit_user \- per-user auditing data file -.SH SYNOPSIS -.LP -.nf -\fB/etc/security/audit_user\fR -.fi - -.SH DESCRIPTION -.LP -\fBaudit_user\fR is a database that stores per-user auditing preselection data. -You can use the \fBaudit_user\fR file with other authorization sources, -including the \fBNIS\fR map \fBaudit_user.byname\fR. Programs use the -\fBgetauusernam\fR(3BSM) routines to access this information. -.sp -.LP -The search order for multiple user audit information sources is specified in -the \fB/etc/nsswitch.conf\fR file. See \fBnsswitch.conf\fR(4). The lookup -follows the search order for \fBpasswd\fR(4). -.sp -.LP -The fields for each user entry are separated by colons (\fB:\fR). Each user is -separated from the next by a newline. \fBaudit_user\fR does not have general -read permission. Each entry in the \fBaudit_user\fR file has the form: -.sp -.in +2 -.nf -\fIusername\fR:\fIalways-audit-flags\fR:\fInever-audit-flags\fR -.fi -.in -2 -.sp - -.sp -.LP -The fields are defined as follows: -.sp -.ne 2 -.na -\fB\fIusername\fR\fR -.ad -.RS 22n -User's login name. -.RE - -.sp -.ne 2 -.na -\fB\fIalways-audit-flags\fR\fR -.ad -.RS 22n -Flags specifying event classes to \fIalways\fR audit. -.RE - -.sp -.ne 2 -.na -\fB\fInever-audit-flags\fR\fR -.ad -.RS 22n -Flags specifying event classes to \fInever\fR audit. -.RE - -.sp -.LP -For a complete description of the audit flags and how to combine them, see -\fBaudit_control\fR(4). -.SH EXAMPLES -.LP -\fBExample 1 \fRUsing the \fBaudit_user\fR File -.sp -.in +2 -.nf -other:lo,am:io,cl -fred:lo,ex,+fc,-fr,-fa:io,cl -ethyl:lo,ex,nt:io,cl -.fi -.in -2 -.sp - -.SH FILES -.LP -\fB/etc/nsswitch.conf\fR -.sp -.LP -\fB/etc/passwd\fR -.sp -.LP -\fB/etc/security/audit_user\fR -.SH ATTRIBUTES -.LP -See \fBattributes\fR(5) for descriptions of the following attributes: -.sp - -.sp -.TS -box; -c | c -l | l . -ATTRIBUTE TYPE ATTRIBUTE VALUE -_ -Interface Stability See below. -.TE - -.sp -.LP -The file format stability is Committed. The file content is Uncommitted. -.SH SEE ALSO -.LP -\fBbsmconv\fR(1M), \fBgetauusernam\fR(3BSM), \fBaudit_control\fR(4), -\fBnsswitch.conf\fR(4), \fBpasswd\fR(4) -.sp -.LP -Part\ VII, \fISolaris Auditing,\fR in \fISystem Administration Guide: Security -Services\fR -.SH NOTES -.LP -This functionality is available only if the Basic Security Module (\fBBSM\fR) -has been enabled. See \fBbsmconv\fR(1M) for more information. -.sp -.LP -Configuration changes do not affect audit sessions that are currently running, -as the changes do not modify a process's preselection mask. To change the -preselection mask on a running process, use the \fB-setpmask\fR option of the -\fBauditconfig\fR command (see \fBauditconfig\fR(1M)). If the user logs out and -logs back in, the new configuration changes will be reflected in the next audit -session. diff --git a/usr/src/man/man4/device_allocate.4 b/usr/src/man/man4/device_allocate.4 index da4f3007ea..099022328e 100644 --- a/usr/src/man/man4/device_allocate.4 +++ b/usr/src/man/man4/device_allocate.4 @@ -3,7 +3,7 @@ .\" The contents of this file are subject to the terms of the Common Development and Distribution License (the "License"). You may not use this file except in compliance with the License. .\" You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE or http://www.opensolaris.org/os/licensing. See the License for the specific language governing permissions and limitations under the License. .\" When distributing Covered Code, include this CDDL HEADER in each file and include the License file at usr/src/OPENSOLARIS.LICENSE. If applicable, add the following below this CDDL HEADER, with the fields enclosed by brackets "[]" replaced with your own identifying information: Portions Copyright [yyyy] [name of copyright owner] -.TH DEVICE_ALLOCATE 4 "May 12, 2008" +.TH DEVICE_ALLOCATE 4 "Mar 6, 2017" .SH NAME device_allocate \- device_allocate file .SH SYNOPSIS @@ -13,7 +13,6 @@ device_allocate \- device_allocate file .fi .SH DESCRIPTION -.sp .LP The \fBdevice_allocate\fR file is an \fBASCII\fR file that resides in the \fB/etc/security\fR directory. It contains mandatory access control information @@ -159,7 +158,6 @@ the system administrator. .RE .SS "Notes on \fBdevice_allocate\fR" -.sp .LP The \fBdevice_allocate\fR file is an ASCII file that resides in the \fB/etc/security\fR directory. @@ -235,7 +233,6 @@ to use it (with \fBallocate\fR(1) and \fBdeallocate\fR(1)). If a device is not allocatable, there is an asterisk (\fB*\fR) in the \fIauths\fR field, and no one can use the device. .SH FILES -.sp .ne 2 .na \fB\fB/etc/security/device_allocate\fR\fR @@ -246,7 +243,6 @@ Contains list of allocatable devices .RE .SH ATTRIBUTES -.sp .LP See \fBattributes\fR(5) for descriptions of the following attributes: .sp @@ -262,16 +258,10 @@ Interface Stability Uncommitted .TE .SH SEE ALSO -.sp .LP -\fBauths\fR(1), \fBallocate\fR(1), \fBbsmconv\fR(1M), \fBdeallocate\fR(1), +\fBauths\fR(1), \fBallocate\fR(1), \fBdeallocate\fR(1), \fBlist_devices\fR(1), \fBauth_attr\fR(4), \fBattributes\fR(5) .SH NOTES -.sp -.LP -The functionality described in this man page is available only if Solaris -Auditing has been enabled. See \fBbsmconv\fR(1M) for more information. -.sp .LP On systems configured with Trusted Extensions, the functionality is enabled by default. On such systems, the \fBdevice_allocate\fR file is updated diff --git a/usr/src/man/man4/device_maps.4 b/usr/src/man/man4/device_maps.4 index 9a617cbbaf..5460ca44a0 100644 --- a/usr/src/man/man4/device_maps.4 +++ b/usr/src/man/man4/device_maps.4 @@ -3,7 +3,7 @@ .\" The contents of this file are subject to the terms of the Common Development and Distribution License (the "License"). You may not use this file except in compliance with the License. .\" You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE or http://www.opensolaris.org/os/licensing. See the License for the specific language governing permissions and limitations under the License. .\" When distributing Covered Code, include this CDDL HEADER in each file and include the License file at usr/src/OPENSOLARIS.LICENSE. If applicable, add the following below this CDDL HEADER, with the fields enclosed by brackets "[]" replaced with your own identifying information: Portions Copyright [yyyy] [name of copyright owner] -.TH DEVICE_MAPS 4 "Apr 30, 2008" +.TH DEVICE_MAPS 4 "Mar 6, 2017" .SH NAME device_maps \- device_maps file .SH SYNOPSIS @@ -13,7 +13,6 @@ device_maps \- device_maps file .fi .SH DESCRIPTION -.sp .LP The \fBdevice_maps\fR file contains access control information about each physical device. Each device is represented by a one line entry of the form: @@ -106,7 +105,6 @@ rmt:\e .sp .SH FILES -.sp .ne 2 .na \fB\fB/etc/security/device_maps\fR\fR @@ -116,7 +114,6 @@ Contains access control information for devices. .RE .SH ATTRIBUTES -.sp .LP See \fBattributes\fR(5) for descriptions of the following attributes: .sp @@ -132,17 +129,11 @@ Interface Stability Uncommitted .TE .SH SEE ALSO -.sp .LP -\fBallocate\fR(1), \fBbsmconv\fR(1M), \fBdeallocate\fR(1), +\fBallocate\fR(1), \fBdeallocate\fR(1), \fBlist_devices\fR(1), \fBdminfo\fR(1M), \fBdevice_allocate\fR(4), \fBattributes\fR(5) .SH NOTES -.sp -.LP -The functionality described in this man page is available only if Solaris -Auditing has been enabled. See \fBbsmconv\fR(1M) for more information. -.sp .LP On systems configured with Trusted Extensions, the functionality is enabled by default. On such systems, the \fBdevice_allocate\fR(4) file is updated diff --git a/usr/src/man/man4/exec_attr.4 b/usr/src/man/man4/exec_attr.4 index 571f1514a4..caa651720e 100644 --- a/usr/src/man/man4/exec_attr.4 +++ b/usr/src/man/man4/exec_attr.4 @@ -3,7 +3,7 @@ .\" The contents of this file are subject to the terms of the Common Development and Distribution License (the "License"). You may not use this file except in compliance with the License. .\" You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE or http://www.opensolaris.org/os/licensing. See the License for the specific language governing permissions and limitations under the License. .\" When distributing Covered Code, include this CDDL HEADER in each file and include the License file at usr/src/OPENSOLARIS.LICENSE. If applicable, add the following below this CDDL HEADER, with the fields enclosed by brackets "[]" replaced with your own identifying information: Portions Copyright [yyyy] [name of copyright owner] -.TH EXEC_ATTR 4 "Feb 25, 2017" +.TH EXEC_ATTR 4 "Mar 6, 2017" .SH NAME exec_attr \- execution profiles database .SH SYNOPSIS @@ -273,7 +273,7 @@ equals (\fB=\fR), and backslash (\fB\\fR). .LP \fBauths\fR(1), \fBdtaction\fR(1), \fBprofiles\fR(1), \fBroles\fR(1), \fBsh\fR(1), \fBmakedbm\fR(1M), \fBgetauthattr\fR(3SECDB), -\fBgetauusernam\fR(3BSM), \fBgetexecattr\fR(3SECDB), \fBgetprofattr\fR(3SECDB), +\fBgetexecattr\fR(3SECDB), \fBgetprofattr\fR(3SECDB), \fBgetuserattr\fR(3SECDB), \fBkva_match\fR(3SECDB), \fBauth_attr\fR(4), \fBprof_attr\fR(4), \fBuser_attr\fR(4), \fBattributes\fR(5), \fBprivileges\fR(5) diff --git a/usr/src/man/man4/nscd.conf.4 b/usr/src/man/man4/nscd.conf.4 index 04d1eafd53..be0b415b61 100644 --- a/usr/src/man/man4/nscd.conf.4 +++ b/usr/src/man/man4/nscd.conf.4 @@ -3,7 +3,7 @@ .\" The contents of this file are subject to the terms of the Common Development and Distribution License (the "License"). You may not use this file except in compliance with the License. .\" You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE or http://www.opensolaris.org/os/licensing. See the License for the specific language governing permissions and limitations under the License. .\" When distributing Covered Code, include this CDDL HEADER in each file and include the License file at usr/src/OPENSOLARIS.LICENSE. If applicable, add the following below this CDDL HEADER, with the fields enclosed by brackets "[]" replaced with your own identifying information: Portions Copyright [yyyy] [name of copyright owner] -.TH NSCD.CONF 4 "Aug 21, 2006" +.TH NSCD.CONF 4 "Mar 6, 2017" .SH NAME nscd.conf \- name service cache daemon configuration .SH SYNOPSIS @@ -13,7 +13,6 @@ nscd.conf \- name service cache daemon configuration .fi .SH DESCRIPTION -.sp .LP The \fBnscd.conf\fR file contains the configuration information for \fBnscd\fR(1M). Each line specifies either an \fIattribute\fR and a @@ -25,7 +24,7 @@ not interpreted by \fBnscd\fR. .LP \fIcachename\fR is represented by \fBhosts\fR, \fBipnodes\fR, \fBpasswd\fR, \fBgroup\fR, \fBexec_attr\fR, \fBprof_attr\fR, \fBuser_attr\fR, \fBethers\fR, -\fBrpc\fR, \fBprotocols\fR, \fBnetworks\fR, \fBbootparams\fR, \fBaudit_user\fR, +\fBrpc\fR, \fBprotocols\fR, \fBnetworks\fR, \fBbootparams\fR, \fBauth_attr\fR, \fBservices\fR, \fBnetmasks\fR, \fBprinters\fR, or \fBproject\fR. .sp @@ -178,7 +177,6 @@ automatically adjusts the hash table size. .RE .SH ATTRIBUTES -.sp .LP See \fBattributes\fR(5) for descriptions of the following attributes: .sp @@ -196,9 +194,8 @@ Interface Stability Committed .TE .SH SEE ALSO -.sp .LP -\fBnscd\fR(1M), \fBaudit_user\fR(4), \fBauth_attr\fR(4), \fBbootparams\fR(4), +\fBnscd\fR(1M), \fBauth_attr\fR(4), \fBbootparams\fR(4), \fBethers\fR(4), \fBexec_attr\fR(4), \fBgroup\fR(4), \fBhosts\fR(4), \fBnetmasks\fR(4), \fBnetworks\fR(4), \fBpasswd\fR(4), \fBprinters\fR(4), \fBprof_attr\fR(4), \fBproject\fR(4), \fBprotocols\fR(4), \fBrpc\fR(4), diff --git a/usr/src/man/man4/nsswitch.conf.4 b/usr/src/man/man4/nsswitch.conf.4 index dbfcbd6a1b..ea46118b9d 100644 --- a/usr/src/man/man4/nsswitch.conf.4 +++ b/usr/src/man/man4/nsswitch.conf.4 @@ -3,7 +3,7 @@ .\" The contents of this file are subject to the terms of the Common Development and Distribution License (the "License"). You may not use this file except in compliance with the License. .\" You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE or http://www.opensolaris.org/os/licensing. See the License for the specific language governing permissions and limitations under the License. .\" When distributing Covered Code, include this CDDL HEADER in each file and include the License file at usr/src/OPENSOLARIS.LICENSE. If applicable, add the following below this CDDL HEADER, with the fields enclosed by brackets "[]" replaced with your own identifying information: Portions Copyright [yyyy] [name of copyright owner] -.TH NSSWITCH.CONF 4 "Feb 25, 2017" +.TH NSSWITCH.CONF 4 "Mar 6, 2017" .SH NAME nsswitch.conf \- configuration file for the name service switch .SH SYNOPSIS @@ -45,7 +45,7 @@ T} \fBnetmasks\fR \fBifconfig\fR(1M) \fBnetworks\fR \fBgetnetbyname\fR(3SOCKET) \fBpasswd\fR T{ -\fBgetpwnam\fR(3C), \fBgetspnam\fR(3C), \fBgetauusernam\fR(3BSM), \fBgetusernam\fR(3SECDB) +\fBgetpwnam\fR(3C), \fBgetspnam\fR(3C), \fBgetusernam\fR(3SECDB) T} \fBprinters\fR T{ \fBlp\fR(1), \fBlpstat\fR(1), \fBcancel\fR(1), \fBlpr\fR(1B), \fBlpq\fR(1B), \fBlprm\fR(1B), \fBin.lpd\fR(1M), \fBlpadmin\fR(1M), \fBlpget\fR(1M), \fBlpset\fR(1M) @@ -768,7 +768,7 @@ Sample configuration file that uses \fBfiles\fR, \fBdns\fR and \fBmdns\fR \fBkpasswd\fR(1), \fBldap\fR(1), \fBnewtask\fR(1), \fBpasswd\fR(1), \fBautomount\fR(1M), \fBifconfig\fR(1M), \fBmdnsd\fR(1M), \fBrpc.bootparamd\fR(1M), \fBsendmail\fR(1M), -\fBgetauusernam\fR(3BSM), \fBgetgrnam\fR(3C), \fBgetnetgrent\fR(3C), +\fBgetgrnam\fR(3C), \fBgetnetgrent\fR(3C), \fBgetpwnam\fR(3C), \fBgetspnam\fR(3C), \fBgethostbyname\fR(3NSL), \fBgetpublickey\fR(3NSL), \fBgetrpcbyname\fR(3NSL), \fBnetdir\fR(3NSL), \fBsecure_rpc\fR(3NSL), \fBgetprojent\fR(3PROJECT), |