1 :Info: display_process_audit_flags: 1986-03-13 display_process_audit_flags
2
3 Syntax as a command:
4 display_process_audit_flags -control_arg
5
6
7 Function: Displays the current state of the process security audit
8 control flags.
9
10
11 Control arguments:
12 -long, -lg
13 specifies that a long format is to be displayed.
14 -brief, -bf
15 specifies that the short format is to be displayed Default.
16
17
18 Access required:
19 The user of this command must have "re" access to access_audit_gate_.
20
21
22 Notes:
23 For a description of the process audit flags please refer to the
24 writeup on the "new_user" command in the "System Maintenance and
25 Operation Commands" manual order no. GB64 and the section "Security
26 Auditing" in the "System Administration Procedures" order no. AK50.
27
28 See also the set_process_audit_flags and edit_process_audit_flags
29 commands.
30
31
32 Examples:
33
34 ! display_process_audit_flags
35 fsobj=N/N,fsattr=MA/MA,rcp=R/R,admin=R/R,special=R/R, ...
36 ... other=MA/R,admin_op,priv_op,fault,small_cc,moderate_cc
37
38
39 ! display_process_audit_flags -long
40 Object Grant Level Deny Level
41
42 File_System_Object No_Audit No_Audit
43 File_System_Attribute Modify_Access Modify_Access
44 RCP_Object Read Read
45 Administrative_Object Read Read
46 Special_Object Read Read
47 Other_Object Modify_Access Read
48
49 Audited Events:
50 Administrative_Operation
51 Privileged_Operation
52 ACV/IPR_Fault
53 Small_Covert_Channel
54 Moderate_Covert_Channel
55
56
57 :Info: edit_process_audit_flags: set_process_audit_flags:
58 1986-03-13 edit_process_audit_flags, set_process_audit_flags
59
60 Syntax as a command:
61 edit_process_audit_flags flags_str
62 set_process_audit_flags flags_str
63
64
65 Function: Sets the process security audit flags to the supplied value.
66 The set_process_audit_flags command will turn on the specified flags,
67 and turn off all others. The edit_process_audit_flags command will
68 affect turn on or off only those flags given in the flags_str.
69
70
71 Arguments:
72 flags_str
73 is an audit flags string acceptable to convert_access_audit_flags_.
74 If this argument is omitted, the command enters a prompt loop in
75 which the user is asked for an audit flags string. A "." entered
76 alone on a line will cause the loop to exit.
77
78
79 Access required:
80 The user must have "re" access on system_privilege_ and
81 access_audit_gate_. The user must also have "r" access to
82 >udd>SysAdmin>admin>sys_admin_data if the "default" keyword is used.
83
84
85 Notes:
86 For a description of the process audit flags please refer to the
87 writeup on the "new_user" command in the "System Maintenance and
88 Operation Commands" manual order no. GB64 and the section "Security
89 Auditing" in the "System Administration Procedures" order no. AK50.
90
91 These commands are meant for experimentation with security audit
92 control flags by the system security administrator. Permanent
93 settings for processes should be placed in the appropriate PNT/SAT
94 entries with the new_user/edit_proj command.
95
96
97 The special keywords "none", "all", and "default" are also recognized
98 for the audit flags string. They specify:
99
100 "none" - all audit flags turned off,
101 "all" - all audit flags turned on,
102 "default" - audit flags set to default found in sys_admin_data.
103
104 See also the display_process_audit_flags command.
105
106
107 Examples:
108
109 ! set_process_audit_flags default
110 ! display_process_audit_flags
111 fsobj=N/R,fsattr=N/R,rcp=N/R,admin=R/R,special=R/R, ...
112 ... other=N/R,admin_op,priv_op,fault,^small_cc,^moderate_cc
113
114 ! edit_process_audit_flags rcp=ma/ma,admin=n/,special=/n
115 ! display_process_audit_flags
116 fsobj=N/R,fsattr=N/R,rcp=MA/MA,admin=N/R,special=R/N, ...
117 ... other=N/R,admin_op,priv_op,fault,^small_cc,^moderate_cc
118
119
120 ! set_process_audit_flags rcp=n/r,admin=r/,special=/r
121 ! display_process_audit_flags
122 fsobj=N/N,fsattr=N/N,rcp=N/R,admin=R/N,special=N/R, ...
123 ... other=N/N,^admin_op,^priv_op,^fault,^small_cc,^moderate_cc
124
125
126 ! set_process_audit_flags default
127 ! edit_process_audit_flags
128 current flags: fsobj=N/R,fsattr=N/R,rcp=N/R,admin=R/R, ...
129 ... special=R/R,other=N/R,admin_op,priv_op, ...
130 ... fault,^small_cc,^moderate_cc
131 enter flags: ! fsobj=r/
132 new flags: fsobj=R/R,fsattr=N/R,rcp=N/R,admin=R/R, ...
133 ... special=R/R,other=N/R,admin_op,priv_op, ...
134 ... fault,^small_cc,^moderate_cc
135 enter flags: ! fsobj=/m
136 new flags: fsobj=R/M,fsattr=N/R,rcp=N/R,admin=R/R, ...
137 ... special=R/R,other=N/R,admin_op,priv_op, ...
138 ... fault,^small_cc,^moderate_cc
139 enter flags: ! ^admin_op,^fault,other=ma/ma
140 new flags: fsobj=R/M,fsattr=N/R,rcp=N/R,admin=R/R, ...
141 ... special=R/R,other=MA/MA,^admin_op,priv_op, ...
142 ... ^fault,^small_cc,^moderate_cc
143 enter flags: ! .
144
145
146 :hcom:
147
148
149
150 /****^ HISTORY COMMENTS:
151 1) change2020-05-19GDixon, approve2021-02-22MCR10088,
152 audit2021-05-27Swenson, install2021-05-27MR12.6g-0056:
153 A) Change "Syntax:" to "Syntax as a command:" in command info seg
154 last changed after 1984.
155 B) isodate format for header dates.
156 END HISTORY COMMENTS */
157
158
159