Print this page
11037 SMB File access audit logging (reserve IDs)
Split |
Close |
Expand all |
Collapse all |
--- old/usr/src/lib/libbsm/audit_class.txt
+++ new/usr/src/lib/libbsm/audit_class.txt
1 1 #
2 2 # Copyright 2006 Sun Microsystems, Inc. All rights reserved.
3 3 # Use is subject to license terms.
4 4 #
5 +# Copyright 2018 Nexenta Systems, Inc. All rights reserved.
6 +#
5 7 # CDDL HEADER START
6 8 #
7 9 # The contents of this file are subject to the terms of the
8 10 # Common Development and Distribution License (the "License").
9 11 # You may not use this file except in compliance with the License.
10 12 #
11 13 # You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
12 14 # or http://www.opensolaris.org/os/licensing.
13 15 # See the License for the specific language governing permissions
14 16 # and limitations under the License.
15 17 #
16 18 # When distributing Covered Code, include this CDDL HEADER in each
17 19 # file and include the License file at usr/src/OPENSOLARIS.LICENSE.
18 20 # If applicable, add the following below this CDDL HEADER, with the
19 21 # fields enclosed by brackets "[]" replaced with your own identifying
20 22 # information: Portions Copyright [yyyy] [name of copyright owner]
21 23 #
22 24 # CDDL HEADER END
23 25 #
24 -# ident "%Z%%M% %I% %E% SMI"
25 -#
26 26 # User Level Class Masks
27 27 #
28 28 # Developers: If you change this file you must also edit audit.h.
29 29 #
30 30 # "Meta-classes" can be created; these are supersets composed of multiple base
31 31 # classes, and thus will have more than 1 bit in its mask. See "ad", "all",
32 32 # "am", and "pc" below for examples.
33 33 #
34 34 # The "no" (invalid) class below is commonly (but not exclusively) used in
35 35 # audit_event for obsolete events.
36 36 #
37 37 #
38 38 # File Format:
39 39 #
40 40 # mask:name:description
41 41 #
42 42 0x00000000:no:invalid class
43 43 0x00000001:fr:file read
44 44 0x00000002:fw:file write
45 45 0x00000004:fa:file attribute access
46 46 0x00000008:fm:file attribute modify
47 47 0x00000010:fc:file create
48 48 0x00000020:fd:file delete
49 49 0x00000040:cl:file close
50 50 0x00000100:nt:network
51 51 0x00000200:ip:ipc
52 52 0x00000400:na:non-attribute
53 53 0x00001000:lo:login or logout
54 54 0x00004000:ap:application
55 55 0x00008000:cy:cryptographic
56 56 0x00010000:ss:change system state
57 57 0x00020000:as:system-wide administration
58 58 0x00040000:ua:user administration
↓ open down ↓ |
23 lines elided |
↑ open up ↑ |
59 59 0x00070000:am:administrative (meta-class)
60 60 0x00080000:aa:audit utilization
61 61 0x000f0000:ad:old administrative (meta-class)
62 62 0x00100000:ps:process start/stop
63 63 0x00200000:pm:process modify
64 64 0x00300000:pc:process (meta-class)
65 65 0x00400000:xp:X - privileged/administrative operations
66 66 0x00800000:xc:X - object create/destroy
67 67 0x01000000:xs:X - operations that always silently fail, if bad
68 68 0x01c00000:xx:X - all X events (meta-class)
69 +0x02000000:sa:SACL-based File Access Auditing
69 70 0x20000000:io:ioctl
70 71 0x40000000:ex:exec
71 72 0x80000000:ot:other
72 73 0xffffffff:all:all classes (meta-class)
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX