Museum

Home

Lab Overview

Retrotechnology Articles

Online Manuals

⇒ auditentry(1M) — Motorola System V 88k Release 4 Version 4.2

Media Vault

Software Library

Restoration Projects

Artifacts Sought

Related Articles

auclassmgmt(1M)

aueventmgmt(1M)

au_entry(3A)

a_fill_aubuff(3A)

auclass(4)

auevent(4)

auditentry(1M)  —  ADMINISTRATOR COMMANDS

NAME

auditentry − generates an audit entry record

SYNOPSIS

auditentry classname eventname reasonID description

DESCRIPTION

auditentry allows root to send an entry to the audit log.  It is a convenient method for shell scripts to issue au_entry(3A) calls. 

The parameters are:

classname The printable, user defined audit class name from /var/security/auclass.  Note that the audit class name must match the value in the file exactly (including case matching).  User defined audit classes fall in the range from 300 to 355 (as defined by MIN_USER_CLASS and MAX_USER_CLASS in <sys/audit.h>). 

eventname The printable audit event name from /var/security/auevent.  Note that the audit event name must match the value in the file exactly (including case matching). 

reasonID The reason code, as listed in <sys/aureason.h>.  Only the first character is examined, and that character may be uppercase or lowercase. 

description The text description to be placed in the audit log. 

Note that execution of this command does not guarantee that the entry will actually be made in the audit log; that depends on the current process audit mask and system audit parameters. 

EXAMPLE

The following are typical uses of auditentry:

auditentry lp LP_SUCCESS success "successful print"
auditentry crontab CRONTAB_MAIN_2 "DAC Fail" "discretionary access \

failure"

DIAGNOSTICS

There are no printed error messages.  The exit code indicates the success or failure of the operation:

0 Success. 

1 Incorrect number of arguments. 

2 Could not open /var/security/auclass, invalid audit class name, or audit class was not a user defined audit class. 

3 Could not open /var/security/auevent, or invalid audit event name. 

4 Invalid reason code. 

5 Could not build audit buffer. 

6 au_entry(3A) failed. 

FILES

/var/security/auclass Audit class file

/var/security/auevent Audit event type file

SEE ALSO

auclassmgmt(1M), aueventmgmt(1M), au_entry(3A), a_fill_aubuff(3A),
auclass(4), auevent(4)

(Security Enhancement)

Typewritten Software • bear@typewritten.org • Edmonds, WA 98026