개요

• 솔라나라에 설명된 어플리케이션에 대해 맨 페이지를 찾아 출력한다.
• MAN 페이지에 대한 설명은 윈디하나의 솔라나라: MAN 페이지을 참고하자.
• svcadm(1M)을 검색하려면 섹션에서 1M 을 선택하고, 맨 페이지 이름에 svcadm을 입력하고 검색을 누른다.

audit_class(5)

audit_class(5)                   File Formats                   audit_class(5)



NAME
       audit_class - audit class definitions

SYNOPSIS
       /etc/security/audit_class
       /etc/security/audit_class.system

DESCRIPTION
       The  audit_class file provides the class definitions used for configur‐
       ing the audit system. Audit events in audit_event(5) are mapped to  one
       or  more of the defined audit classes. audit_event(5) can be updated in
       conjunction  with  changes  to  audit_class.  See  auditconfig(8)   and
       user_attr(5)  for  information about changing the preselection of audit
       classes in the audit system.


       The system defined audit classes are delivered  in  the  readonly  file
       /etc/security/audit_class.system. The /etc/security/audit_class file is
       provided for administrator customisation. The administrator can add new
       audit class or can customise existing metaclasses.


       The  audit system looks for audit class definitions in the files in the
       following order:

           1.     /etc/security/audit_class


           2.     /etc/security/audit_class.system




       The fields for each class entry are separated  by  colons.  Each  class
       entry is a bitmap and is separated from each other by a NEWLINE.


       Each entry in the audit_class file has the form:

         mask:name:description



       The fields are defined as follows:

       mask           class mask


       name           class name


       description    class description



       Each  class is represented as a bit in the 64 bit class mask. There are
       64 different classes available. Meta-classes can also be defined. Meta-
       classes  are supersets composed of multiple base classes, and have more
       than 1 bit in mask. See EXAMPLES.


       Two special meta-classes are pre-defined: all and no.

       all    Represents a conjunction of all allowed classes, and is provided
              as a shorthand method of specifying all classes.


       no     Is  the invalid class, and any event mapped solely to this class
              are not audited. Turning auditing on to the all meta-class  does
              not  cause events mapped solely to the no class to be written to
              the audit trail. This class is also used to map obsolete  events
              which  are  no longer generated. Obsolete events are retained to
              process old audit trails files.

              Redefining the no class to have non-zero value can have undesir‐
              able side effects



       The mask positions 0xff00000000000000 are reserved for local site use.

EXAMPLES
       Example 1 Using an audit_class File



       The following is an example of an audit_class file:


         0x0100000000000000:pf:profile command




       To refresh the audit service to update the runtime mappings:


         # svcadm refresh svc:/system/auditset:default


FILES
       /etc/security/audit_class


       /etc/security/audit_class.system

ATTRIBUTES
       See attributes(7) for descriptions of the following attributes:


       tab()  box; cw(2.75i) |cw(2.75i) lw(2.75i) |lw(2.75i) ATTRIBUTE TYPEAT‐
       TRIBUTE VALUE _ Interface StabilitySee below.



       The file format stability is Committed. The file content  is  Uncommit‐
       ted.

SEE ALSO
       audit_event(5),  user_attr(5), audit_flags(7), attributes(7), auditcon‐
       fig(8), auditrecord(8)


       Managing Auditing in Oracle Solaris 11.4



Oracle Solaris 11.4               21 Jun 2021                   audit_class(5)