PERFORCE change 107192 for review

Ruslan Ermilov ru at FreeBSD.org
Tue Oct 3 08:39:00 PDT 2006 

http://perforce.freebsd.org/chv.cgi?CH=107192

Change 107192 by ru at ru_edoofus on 2006/10/03 15:38:41

	- Shorten short descriptions (.Nd).
	- Fix markup.

Affected files ...

.. //depot/projects/trustedbsd/openbsm/man/audit.log.5#12 edit
.. //depot/projects/trustedbsd/openbsm/man/audit_class.5#9 edit
.. //depot/projects/trustedbsd/openbsm/man/audit_control.5#15 edit
.. //depot/projects/trustedbsd/openbsm/man/audit_event.5#10 edit
.. //depot/projects/trustedbsd/openbsm/man/audit_user.5#9 edit
.. //depot/projects/trustedbsd/openbsm/man/audit_warn.5#8 edit

Differences ...

==== //depot/projects/trustedbsd/openbsm/man/audit.log.5#12 (text+ko) ====

@@ -23,14 +23,14 @@
 .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 .\" SUCH DAMAGE.
 .\"
-.\" $P4: //depot/projects/trustedbsd/openbsm/man/audit.log.5#11 $
+.\" $P4: //depot/projects/trustedbsd/openbsm/man/audit.log.5#12 $
 .\"
 .Dd May 1, 2005
 .Dt AUDIT.LOG 5
 .Os
 .Sh NAME
 .Nm audit
-.Nd "Basic Security Module (BSM) File Format"
+.Nd "Basic Security Module (BSM) file format"
 .Sh DESCRIPTION
 The
 .Nm

==== //depot/projects/trustedbsd/openbsm/man/audit_class.5#9 (text+ko) ====

@@ -25,14 +25,14 @@
 .\" IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
 .\" POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $P4: //depot/projects/trustedbsd/openbsm/man/audit_class.5#8 $
+.\" $P4: //depot/projects/trustedbsd/openbsm/man/audit_class.5#9 $
 .\"
 .Dd January 24, 2004
 .Dt AUDIT_CLASS 5
 .Os
 .Sh NAME
 .Nm audit_class
-.Nd "contains audit event class descriptions"
+.Nd "audit event class descriptions"
 .Sh DESCRIPTION
 The
 .Nm
@@ -42,7 +42,7 @@
 mask (bitmap) to a class and a description.
 Entries are of the form:
 .Pp
-.Dl classmask:eventclass:description
+.D1 Ar classmask Ns : Ns Ar eventclass Ns : Ns Ar description
 .Pp
 Example entries in this file are:
 .Bd -literal -offset indent
@@ -54,7 +54,7 @@
 0xffffffff:all:all flags set
 .Ed
 .Sh FILES
-.Bl -tag -width "/etc/security/audit_class" -compact
+.Bl -tag -width ".Pa /etc/security/audit_class" -compact
 .It Pa /etc/security/audit_class
 .El
 .Sh HISTORY
@@ -63,9 +63,13 @@
 It was subsequently adopted by the TrustedBSD Project as the foundation for
 the OpenBSM distribution.
 .Sh AUTHORS
+.An -nosplit
 This software was created by McAfee Research, the security research division
 of McAfee, Inc., under contract to Apple Computer Inc.
-Additional authors include Wayne Salamon, Robert Watson, and SPARTA Inc.
+Additional authors include
+.An Wayne Salamon ,
+.An Robert Watson ,
+and SPARTA Inc.
 .Pp
 The Basic Security Module (BSM) interface to audit records and audit event
 stream format were defined by Sun Microsystems.

==== //depot/projects/trustedbsd/openbsm/man/audit_control.5#15 (text+ko) ====

@@ -26,25 +26,25 @@
 .\" IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
 .\" POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $P4: //depot/projects/trustedbsd/openbsm/man/audit_control.5#14 $
+.\" $P4: //depot/projects/trustedbsd/openbsm/man/audit_control.5#15 $
 .\"
 .Dd January 4, 2006
 .Dt AUDIT_CONTROL 5
 .Os
 .Sh NAME
 .Nm audit_control
-.Nd "contains audit system parameters"
+.Nd "audit system parameters"
 .Sh DESCRIPTION
 The
 .Nm
 file contains several audit system parameters.
 Each line of this file is of the form:
 .Pp
-.Dl parameter:value
+.D1 Ar parameter Ns : Ns Ar value
 .Pp
 The parameters are:
-.Bl -tag -width Ds
-.It Pa dir
+.Bl -tag -width indent
+.It Va dir
 The directory where audit log files are stored.
 There may be more than one of these entries.
 Changes to this entry can only be enacted by restarting the
@@ -76,73 +76,85 @@
 .El
 .Sh AUDIT FLAGS
 Audit flags are a comma-delimited list of audit classes as defined in the
-.Pa audit_class
+.Xr audit_class 5
 file.
-See
-.Xr audit_class 5
-for details.
 Event classes may be preceded by a prefix which changes their interpretation.
 The following prefixes may be used for each class:
 .Pp
-.Bl -tag -width Ds -compact -offset indent
+.Bl -tag -width indent -compact -offset indent
 .It (none)
-Record both successful and failed events
-.It +
-Record successful events
-.It -
-Record failed events
-.It ^
-Record neither successful nor failed events
-.It ^+
-Do not record successful events
-.It ^-
-Do not record failed events
+Record both successful and failed events.
+.It Li +
+Record successful events.
+.It Li -
+Record failed events.
+.It Li ^
+Record neither successful nor failed events.
+.It Li ^+
+Do not record successful events.
+.It Li ^-
+Do not record failed events.
 .El
 .Sh AUDIT POLICY FLAGS
 The policy flags field is a comma-delimited list of policy flags from the
 following list:
 .Pp
-.Bl -tag -width zonename -compact -offset indent
-.It cnt
+.Bl -tag -width ".Cm zonename" -compact -offset indent
+.It Cm cnt
 Allow processes to continue running even though events are not being audited.
 If not set, processes will be suspended when the audit store space is
 exhausted.
 Currently, this is not a recoverable state.
-.It ahlt
-Fail stop the system if unable to audit an event--this consists of first
+.It Cm ahlt
+Fail stop the system if unable to audit an event\[em]this consists of first
 draining pending records to disk, and then halting the operating system.
-.It argv
+.It Cm argv
 Audit command line arguments to
 .Xr execve 2 .
-.It arge
+.It Cm arge
 Audit environmental variable arguments to
 .Xr execve 2 .
-.It seq
+.It Cm seq
 Include a unique audit sequence number token in generated audit records (not
-implemented on FreeBSD or Darwin).
-.It group
+implemented on
+.Fx
+or Darwin).
+.It Cm group
 Include supplementary groups list in generated audit records (not implemented
-on FreeBSD or Darwin; supplementary groups are never included in records on
+on
+.Fx
+or Darwin; supplementary groups are never included in records on
 these systems).
-.It trail
-Append a trailer token to each audit record (not implemented on FreeBSD or
+.It Cm trail
+Append a trailer token to each audit record (not implemented on
+.Fx
+or
 Darwin; trailers are always included in records on these systems).
-.It path
-Include secondary file paths in audit records (not implemented on FreeBSD or
+.It Cm path
+Include secondary file paths in audit records (not implemented on
+.Fx
+or
 Darwin; secondary paths are never included in records on these systems).
-.It zonename
-Include a zone ID token with each audit record (not implemented on FreeBSD or
-Darwin; FreeBSD audit records do not currently include the jail ID or name.)
-.It perzone
-Enable auditing for each local zone (not implemented on FreeBSD or Darwin; on
-FreeBSD, audit records are collected from all jails and placed in a single
-global trail, and only limited audit controls are permitted within a jail.)
+.It Cm zonename
+Include a zone ID token with each audit record (not implemented on
+.Fx
+or
+Darwin;
+.Fx
+audit records do not currently include the jail ID or name).
+.It Cm perzone
+Enable auditing for each local zone (not implemented on
+.Fx
+or Darwin; on
+.Fx ,
+audit records are collected from all jails and placed in a single
+global trail, and only limited audit controls are permitted within a jail).
 .El
 .Pp
 It is recommended that installations set the
-.Dv cnt
+.Cm cnt
 flag but not
-.Dv ahlt
+.Cm ahlt
 flag unless it is intended that audit logs exceeding available disk space
 halt the system.
 .Sh DEFAULT
@@ -169,7 +181,7 @@
 The trail file will not be automatically rotated by the audit daemon based on
 file size.
 .Sh FILES
-.Bl -tag -width "/etc/security/audit_control" -compact
+.Bl -tag -width ".Pa /etc/security/audit_control" -compact
 .It Pa /etc/security/audit_control
 .El
 .Sh SEE ALSO
@@ -183,9 +195,13 @@
 It was subsequently adopted by the TrustedBSD Project as the foundation for
 the OpenBSM distribution.
 .Sh AUTHORS
+.An -nosplit
 This software was created by McAfee Research, the security research division
 of McAfee, Inc., under contract to Apple Computer Inc.
-Additional authors include Wayne Salamon, Robert Watson, and SPARTA Inc.
+Additional authors include
+.An Wayne Salamon ,
+.An Robert Watson ,
+and SPARTA Inc.
 .Pp
 The Basic Security Module (BSM) interface to audit records and audit event
 stream format were defined by Sun Microsystems.

==== //depot/projects/trustedbsd/openbsm/man/audit_event.5#10 (text+ko) ====

@@ -25,14 +25,14 @@
 .\" IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
 .\" POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $P4: //depot/projects/trustedbsd/openbsm/man/audit_event.5#9 $
+.\" $P4: //depot/projects/trustedbsd/openbsm/man/audit_event.5#10 $
 .\"
 .Dd January 24, 2004
 .Dt AUDIT_EVENT 5
 .Os
 .Sh NAME
 .Nm audit_event
-.Nd "contains audit event descriptions"
+.Nd "audit event descriptions"
 .Sh DESCRIPTION
 The
 .Nm
@@ -40,16 +40,15 @@
 Each line maps an audit event number to a name, a description, and a class.
 Entries are of the form:
 .Pp
-.Dl eventnum:eventname:description:eventclass
+.Sm off
+.D1 Ar eventnum : eventname : description : eventclass
+.Sm on
 .Pp
 Each
-.Vt eventclass
+.Ar eventclass
 should have a corresponding entry in the
-.Pa audit_class
+.Xr audit_class 5
 file.
-See
-.Xr audit_class 5
-for details.
 .Pp
 Example entries in this file are:
 .Bd -literal -offset indent
@@ -59,7 +58,7 @@
 3:AUE_OPEN:open(2):fa
 .Ed
 .Sh FILES
-.Bl -tag -width "/etc/security/audit_event" -compact
+.Bl -tag -width ".Pa /etc/security/audit_event" -compact
 .It Pa /etc/security/audit_event
 .El
 .Sh SEE ALSO
@@ -70,9 +69,13 @@
 It was subsequently adopted by the TrustedBSD Project as the foundation for
 the OpenBSM distribution.
 .Sh AUTHORS
+.An -nosplit
 This software was created by McAfee Research, the security research division
 of McAfee, Inc., under contract to Apple Computer Inc.
-Additional authors include Wayne Salamon, Robert Watson, and SPARTA Inc.
+Additional authors include
+.An Wayne Salamon ,
+.An Robert Watson ,
+and SPARTA Inc.
 .Pp
 The Basic Security Module (BSM) interface to audit records and audit event
 stream format were defined by Sun Microsystems.

==== //depot/projects/trustedbsd/openbsm/man/audit_user.5#9 (text+ko) ====

@@ -25,20 +25,20 @@
 .\" IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
 .\" POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $P4: //depot/projects/trustedbsd/openbsm/man/audit_user.5#8 $
+.\" $P4: //depot/projects/trustedbsd/openbsm/man/audit_user.5#9 $
 .\"
 .Dd February 5, 2006
 .Dt AUDIT_USER 5
 .Os
 .Sh NAME
 .Nm audit_user
-.Nd "specifies events to be audited for the given users"
+.Nd "events to be audited for given users"
 .Sh DESCRIPTION
 The
 .Nm
 file specifies which audit event classes are to be audited for the given users.
 If specified, these flags are combined with the system-wide audit flags in the
-.Pa audit_control
+.Xr audit_control 5
 file to determine which classes of events to audit for that user.
 These settings take effect when the user logs in.
 .Pp
@@ -46,12 +46,12 @@
 list of classes that should not be audited.
 Entries are of the form:
 .Pp
-.Dl username:alwaysaudit:neveraudit
+.D1 Ar username Ns : Ns Ar alwaysaudit Ns : Ns Ar neveraudit
 .Pp
 In the format above,
-.Vt alwaysaudit
+.Ar alwaysaudit
 is a set of event classes that are always audited, and
-.Vt neveraudit
+.Ar neveraudit
 is a set of event classes that should not be audited.
 These sets can indicate
 the inclusion or exclusion of multiple classes, and whether to audit successful
@@ -67,14 +67,16 @@
 .Ed
 .Pp
 These settings would cause login/logout and administrative events that
-succeed on behalf of user root to be audited.
+succeed on behalf of user
+.Dq Li root
+to be audited.
 No failure events are audited.
 For the user
-.Em jdoe ,
+.Dq Li jdoe ,
 failed file creation events are audited, administrative events are
 audited, and successful file write events are never audited.
 .Sh FILES
-.Bl -tag -width "/etc/security/audit_user" -compact
+.Bl -tag -width ".Pa /etc/security/audit_user" -compact
 .It Pa /etc/security/audit_user
 .El
 .Sh SEE ALSO
@@ -85,9 +87,13 @@
 It was subsequently adopted by the TrustedBSD Project as the foundation for
 the OpenBSM distribution.
 .Sh AUTHORS
+.An -nosplit
 This software was created by McAfee Research, the security research division
 of McAfee, Inc., under contract to Apple Computer Inc.
-Additional authors include Wayne Salamon, Robert Watson, and SPARTA Inc.
+Additional authors include
+.An Wayne Salamon ,
+.An Robert Watson ,
+and SPARTA Inc.
 .Pp
 The Basic Security Module (BSM) interface to audit records and audit event
 stream format were defined by Sun Microsystems.

==== //depot/projects/trustedbsd/openbsm/man/audit_warn.5#8 (text+ko) ====

@@ -25,7 +25,7 @@
 .\" IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
 .\" POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $P4: //depot/projects/trustedbsd/openbsm/man/audit_warn.5#7 $
+.\" $P4: //depot/projects/trustedbsd/openbsm/man/audit_warn.5#8 $
 .\"
 .Dd March 17, 2004
 .Dt AUDIT_WARN 5
@@ -34,7 +34,9 @@
 .Nm audit_warn
 .Nd "alert when audit daemon issues warnings"
 .Sh DESCRIPTION
+The
 .Nm
+script
 runs when
 .Xr auditd 8
 generates warning messages.
@@ -49,7 +51,7 @@
 For example, a low-space warning
 could result in an email message being sent to the administrator.
 .Sh FILES
-.Bl -tag -width "/etc/security/audit_warn" -compact
+.Bl -tag -width ".Pa /etc/security/audit_messages" -compact
 .It Pa /etc/security/audit_warn
 .It Pa /etc/security/audit_messages
 .El
@@ -61,9 +63,13 @@
 It was subsequently adopted by the TrustedBSD Project as the foundation for
 the OpenBSM distribution.
 .Sh AUTHORS
+.An -nosplit
 This software was created by McAfee Research, the security research division
 of McAfee, Inc., under contract to Apple Computer Inc.
-Additional authors include Wayne Salamon, Robert Watson, and SPARTA Inc.
+Additional authors include
+.An Wayne Salamon ,
+.An Robert Watson ,
+and SPARTA Inc.
 .Pp
 The Basic Security Module (BSM) interface to audit records and audit event
 stream format were defined by Sun Microsystems.

More information about the trustedbsd-cvs mailing list