nzak-upstream Wdiff usr/src/lib/libbsm/audit_class.txt

Print this page

11037 SMB File access audit logging (reserve IDs)

Split	Close
Expand all
Collapse all

          --- old/usr/src/lib/libbsm/audit_class.txt
          +++ new/usr/src/lib/libbsm/audit_class.txt
   1    1  #
   2    2  # Copyright 2006 Sun Microsystems, Inc.  All rights reserved.
   3    3  # Use is subject to license terms.
   4    4  #
        5 +# Copyright 2018 Nexenta Systems, Inc.  All rights reserved.
        6 +#
   5    7  # CDDL HEADER START
   6    8  #
   7    9  # The contents of this file are subject to the terms of the
   8   10  # Common Development and Distribution License (the "License").
   9   11  # You may not use this file except in compliance with the License.
  10   12  #
  11   13  # You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
  12   14  # or http://www.opensolaris.org/os/licensing.
  13   15  # See the License for the specific language governing permissions
  14   16  # and limitations under the License.
  15   17  #
  16   18  # When distributing Covered Code, include this CDDL HEADER in each
  17   19  # file and include the License file at usr/src/OPENSOLARIS.LICENSE.
  18   20  # If applicable, add the following below this CDDL HEADER, with the
  19   21  # fields enclosed by brackets "[]" replaced with your own identifying
  20   22  # information: Portions Copyright [yyyy] [name of copyright owner]
  21   23  #
  22   24  # CDDL HEADER END
  23   25  #
  24      -# ident "%Z%%M% %I%     %E% SMI"
  25      -#
  26   26  # User Level Class Masks
  27   27  #
  28   28  # Developers: If you change this file you must also edit audit.h.
  29   29  #
  30   30  # "Meta-classes" can be created; these are supersets composed of multiple base
  31   31  # classes, and thus will have more than 1 bit in its mask. See "ad", "all",
  32   32  # "am", and "pc" below for examples.
  33   33  #
  34   34  # The "no" (invalid) class below is commonly (but not exclusively) used in
  35   35  # audit_event for obsolete events.

  36   36  #
  37   37  #
  38   38  # File Format:
  39   39  #
  40   40  #       mask:name:description
  41   41  #
  42   42  0x00000000:no:invalid class
  43   43  0x00000001:fr:file read
  44   44  0x00000002:fw:file write
  45   45  0x00000004:fa:file attribute access
  46   46  0x00000008:fm:file attribute modify
  47   47  0x00000010:fc:file create
  48   48  0x00000020:fd:file delete
  49   49  0x00000040:cl:file close
  50   50  0x00000100:nt:network
  51   51  0x00000200:ip:ipc
  52   52  0x00000400:na:non-attribute
  53   53  0x00001000:lo:login or logout
  54   54  0x00004000:ap:application
  55   55  0x00008000:cy:cryptographic
  56   56  0x00010000:ss:change system state
  57   57  0x00020000:as:system-wide administration
  58   58  0x00040000:ua:user administration

↓ open down ↓

23 lines elided

↑ open up ↑

  59   59  0x00070000:am:administrative (meta-class)
  60   60  0x00080000:aa:audit utilization
  61   61  0x000f0000:ad:old administrative (meta-class)
  62   62  0x00100000:ps:process start/stop
  63   63  0x00200000:pm:process modify
  64   64  0x00300000:pc:process (meta-class)
  65   65  0x00400000:xp:X - privileged/administrative operations
  66   66  0x00800000:xc:X - object create/destroy
  67   67  0x01000000:xs:X - operations that always silently fail, if bad
  68   68  0x01c00000:xx:X - all X events (meta-class)
       69 +0x02000000:sa:SACL-based File Access Auditing
  69   70  0x20000000:io:ioctl
  70   71  0x40000000:ex:exec
  71   72  0x80000000:ot:other
  72   73  0xffffffff:all:all classes (meta-class)

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX