PERFORCE change 144985 for review

Stacey Son sson at FreeBSD.org
Thu Jul 10 04:10:49 UTC 2008 

http://perforce.freebsd.org/chv.cgi?CH=144985

Change 144985 by sson at sson_amd64 on 2008/07/10 04:10:22

	Rewrote the A_SETPOLICY section of auditon(2).

Affected files ...

.. //depot/projects/trustedbsd/openbsm/man/auditon.2#13 edit

Differences ...

==== //depot/projects/trustedbsd/openbsm/man/auditon.2#13 (text+ko) ====

@@ -25,7 +25,7 @@
 .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 .\" SUCH DAMAGE.
 .\"
-.\" $P4: //depot/projects/trustedbsd/openbsm/man/auditon.2#12 $
+.\" $P4: //depot/projects/trustedbsd/openbsm/man/auditon.2#13 $
 .\"
 .Dd April 19, 2005
 .Dt AUDITON 2
@@ -63,32 +63,32 @@
 argument
 must point to a
 .Vt long
-value set to one of the following audit
-policy control values:
-either
-.Dv AUDIT_CNT
-or
-.Dv AUDIT_AHLT .
-In the
-.Dv AUDIT_CNT
-case, the action will continue regardless if
-an event will not be audited.
-In the
-.Dv AUDIT_AHLT
-case, a
+value set to one or more the following audit
+policy control values bitwise OR'ed together:
+.Dv AUDIT_CNT ,
+.Dv AUDIT_AHLT ,
+.Dv AUDIT_ARGV ,
+and
+.Dv AUDIT_ARGE .
+If
+.Dv AUDIT_CNT is set, the system will continue even if the system becomes low
+on space and discontinue logging events until the low space condition is 
+remedied.  If it is not set, audited events will block until the low space 
+condition is remedied.  Unaudited events, however, are unaffected.
+If 
+.Dv AUDIT_AHLT is set, a 
 .Xr panic 9
-will result if an event will not be written to the
-audit log file.  In addition to one of the audit policy control values
-defined above, the argument may also include 
+if it cannot write an event to the global audit log file.
+If 
 .Dv AUDIT_ARGV
-or
-.Dv AUDIT_ARGE 
-or both.
-These flags will audit the argument list and environment variables
-passed to the
-.Xr execve
-system call and are added by bitwise OR'ing to the audit control policy 
-argument.
+is set, then the argument list passed to the 
+.Xr execve 2 
+system call will be audited.  If
+.Dv AUDIT_ARGE
+is set, then the environment variables passed to the
+.Xr execve 2
+system call will be audited.  The default policy is none of the audit policy
+control flags set. 
 .It Dv A_SETKAUDIT
 Return
 .Er ENOSYS .

More information about the p4-projects mailing list