[Q] BSM audit_user file
From:Date: 10/31/02
- Next message: Felix Tilley: "Re: Unix ist =?ISO-8859-1?q?tats=E4chlich= =?ISO-8859-1?q?Schei=DFe="
- Previous message: Tim Haynes: "(no subject)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 30 Oct 2002 18:08:54 -0800
During setting up BSM in Solaris8 on Ultra10 workstation, I met a problem.
I willing to audit all users including root and not to audit at all
about user "foo". I set up audit_control and audit_user like
following.
1. audit_control
flags:lo,ad,-all,^-fc
2. audit_user
foo::all
When user logins as "foo", no audit is generated. But, When he switchs to
root using "su", the problem happen. After he become root, BSM audit is
generated. I hope no audit is generated even after "su".
So, I have some question.
1. What does "username" in audit_user file mean? audit ID or effective
user ID?
2. How can I solve this problem?
Hope advice.
Thanks in advance,
Chun-Mok Chung
- Next message: Felix Tilley: "Re: Unix ist =?ISO-8859-1?q?tats=E4chlich= =?ISO-8859-1?q?Schei=DFe="
- Previous message: Tim Haynes: "(no subject)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
