From 4fae3f6a4aec0b2ccf88592624f71ae94d961ef8 Mon Sep 17 00:00:00 2001 From: rwatson Date: Mon, 6 Feb 2006 00:06:04 +0000 Subject: Vendor branch import of OpenBSM 1.0 alpha 3: - Man page formatting, cross reference, mlinks, and accuracy improvements. - auditd and tools now compile and run on FreeBSD/arm. - auditd will now fchown() the trail file to the audit review group, if defined at compile-time. - Added AUE_SYSARCH for FreeBSD. - Definition of AUE_SETFSGID fixed for Linux. Many thanks to: brueffer, cognet Obtained from: TrustedBSD Project --- contrib/openbsm/man/audit_user.5 | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) (limited to 'contrib/openbsm/man/audit_user.5') diff --git a/contrib/openbsm/man/audit_user.5 b/contrib/openbsm/man/audit_user.5 index abb74a3..05877d5 100644 --- a/contrib/openbsm/man/audit_user.5 +++ b/contrib/openbsm/man/audit_user.5 @@ -25,9 +25,9 @@ .\" IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE .\" POSSIBILITY OF SUCH DAMAGE. .\" -.\" $P4: //depot/projects/trustedbsd/openbsm/man/audit_user.5#5 $ +.\" $P4: //depot/projects/trustedbsd/openbsm/man/audit_user.5#7 $ .\" -.Dd Jan 24, 2004 +.Dd February 5, 2006 .Dt AUDIT_USER 5 .Os .Sh NAME @@ -44,9 +44,11 @@ These settings take effect when the user logs in. .Pp Each line maps a user name to a list of classes that should be audited and a list of classes that should not be audited. -Entries are of the form of -.Dl username:alwaysaudit:neveraudit , -where +Entries are of the form: +.Pp +.Dl username:alwaysaudit:neveraudit +.Pp +In the format above, .Vt alwaysaudit is a set of event classes that are always audited, and .Vt neveraudit @@ -64,8 +66,8 @@ root:lo,ad:no jdoe:-fc,ad:+fw .Ed .Pp -These settings would cause login and administrative events that succeed on -behalf of user root to be audited. +These settings would cause login/logout and administrative events that +succeed on behalf of user root to be audited. No failure events are audited. For the user .Em jdoe , -- cgit v1.1