内に含ま
その他のドキュメント
サポート リソース
|  PDF 文書ファイルをダウンロードする (548 KB)
Appendix C Audit Reference
Auditing brings a number of additional utilities to the Trusted Solaris operating environment. The utilities are listed here in four sections, each of which has a table below. Each table gives utility names and a short description of the task performed by each utility. The sections are identified by the
man page suffix. The fifth table gives the filesystem security attributes of files in the auditing subsystem.
Table C-1 Section 1M -- Maintenance Commands
Table C-2 Section 2 -- System Calls
|
System Call
|
System Parameter
|
Task
|
|
audit(2)
|
|
Write a record to the audit log
|
|
auditon(2)
|
|
Manipulate auditing:
|
|
|
A_GETPOLICY
|
Get audit policy flags
|
|
|
A_SETPOLICY
|
Set audit policy flags
|
|
|
A_GETKMASK
|
Get asynchronous audit event preselection mask
|
|
|
A_SETKMASK
|
Set asynchronous audit event preselection mask
|
|
|
A_GETQCTRL
|
Get the kernel audit queue control parameters
|
|
|
A_SETQCTRL
|
Set the kernel audit queue control parameters
|
|
|
A_GETSTAT
|
Get the audit system statistics
|
|
|
A_SETSTAT
|
Reset the audit system statistics
|
|
|
A_GETCOND
|
Determine if auditing is on/off/disabled
|
|
|
A_SETCOND
|
Set auditing to on/off
|
|
|
A_GETFSIZE
|
Get the size limit for an audit trail file
|
|
|
A_GETCLASS
|
Return the event to class mapping for the designated event
|
|
|
A_SETCLASS
|
Set the event to class mapping for the designated audit event
|
|
|
A_GETPINFO
|
Get the audit information for the specified process
|
|
|
A_SETPMASK
|
Set the preselection mask for a specified process
|
|
|
A_SETUMASK
|
Set the process mask for all processes of a specified audit ID
|
|
|
A_SETSMASK
|
Set the process mask for all processes of a specified session ID
|
|
|
A_GETCWD
|
Get the current working directory for this process
|
|
|
A_GETCAR
|
Get the current active root for this process
|
|
auditsvc(2)
|
|
Write audit log to specified file descriptor
|
|
getaudit(2)
|
|
Get process audit information
|
|
setaudit(2)
|
|
Set process audit information
|
|
getauid(2)
|
|
Get user audit identity
|
|
setauid(2)
|
|
Set user audit identity
|
Table C-3 Section 3 -- C Library Functions
|
Library Call
|
Task
|
|
au_preselect(3BSM)
|
Preselect an audit event
|
|
au_user_mask(3BSM)
|
Get user's binary preselection mask
|
|
getacdir(3BSM), getacmin(3BSM), getacflg(3BSM), getacna(3BSM), setac(3BSM), endac(3BSM)
|
Get audit_control(4) file information
|
|
getauclassnam(3BSM), getauclassnam_r(3BSM), getauclassent(3BSM), getauclassent_r(3BSM), setauclass(3BSM), endauclass(3BSM)
|
Get audit_class(4) entries
|
|
getauditflagsbin(3BSM), getauditflagschar(3BSM)
|
Convert audit flag specifications
|
|
getauevent(3BSM), getauevent_r(3BSM), getauevnam(3BSM), getauevnam_r(3BSM), getauevnum(3BSM), getauevnum_r(3BSM), getauevnonam(3BSM), setauevent(3BSM), endauevent(3BSM)
|
Get audit_event(4)entries
|
|
getauusernam(3BSM), getauuserent(3BSM), setauuser(3BSM), endauuser(3BSM)
|
Get audit_user(4) entries
|
|
getfauditflags(3BSM)
|
Generate the process audit state
|
Table C-4 Section 4 -- Headers, Tables, and Macros
Table C-5 Filesystem Security Attributes for the Audit Subsystem
|
