documentation/info_segments/display_process_audit

  1 :Info: display_process_audit_flags:  1986-03-13  display_process_audit_flags
  2 
  3 Syntax as a command:
  4    display_process_audit_flags {-control_arg}
  5 
  6 
  7 Function: Displays the current state of the process security audit
  8 control flags.
  9 
 10 
 11 Control arguments:
 12 -long, -lg
 13    specifies that a long format is to be displayed.
 14 -brief, -bf
 15    specifies that the short format is to be displayed (Default).
 16 
 17 
 18 Access required:
 19 The user of this command must have "re" access to access_audit_gate_.
 20 
 21 
 22 Notes:
 23 For a description of the process audit flags please refer to the
 24 writeup on the "new_user" command in the "System Maintenance and
 25 Operation Commands" manual (order no.  GB64) and the section "Security
 26 Auditing" in the "System Administration Procedures" (order no.  AK50).
 27 
 28 See also the set_process_audit_flags and edit_process_audit_flags
 29 commands.
 30 
 31 
 32 Examples:
 33 
 34    ! display_process_audit_flags
 35      fsobj=N/N,fsattr=MA/MA,rcp=R/R,admin=R/R,special=R/R, ...
 36           ... other=MA/R,admin_op,priv_op,fault,small_cc,moderate_cc
 37 
 38 
 39    ! display_process_audit_flags -long
 40      Object                  Grant Level     Deny Level
 41 
 42      File_System_Object      No_Audit        No_Audit
 43      File_System_Attribute   Modify_Access   Modify_Access
 44      RCP_Object              Read            Read
 45      Administrative_Object   Read            Read
 46      Special_Object          Read            Read
 47      Other_Object            Modify_Access   Read
 48 
 49      Audited Events:
 50                    Administrative_Operation
 51                    Privileged_Operation
 52                    ACV/IPR_Fault
 53                    Small_Covert_Channel
 54                    Moderate_Covert_Channel
 55 
 56 
 57 :Info: edit_process_audit_flags: set_process_audit_flags:
 58 1986-03-13  edit_process_audit_flags, set_process_audit_flags
 59 
 60 Syntax as a command:
 61    edit_process_audit_flags {flags_str}
 62    set_process_audit_flags {flags_str}
 63 
 64 
 65 Function: Sets the process security audit flags to the supplied value.
 66 The set_process_audit_flags command will turn on the specified flags,
 67 and turn off all others.  The edit_process_audit_flags command will
 68 affect (turn on or off) only those flags given in the flags_str.
 69 
 70 
 71 Arguments:
 72 flags_str
 73    is an audit flags string acceptable to convert_access_audit_flags_.
 74    If this argument is omitted, the command enters a prompt loop in
 75    which the user is asked for an audit flags string.  A "." entered
 76    alone on a line will cause the loop to exit.
 77 
 78 
 79 Access required:
 80 The user must have "re" access on system_privilege_ and
 81 access_audit_gate_.  The user must also have "r" access to
 82 >udd>SysAdmin>admin>sys_admin_data if the "default" keyword is used.
 83 
 84 
 85 Notes:
 86 For a description of the process audit flags please refer to the
 87 writeup on the "new_user" command in the "System Maintenance and
 88 Operation Commands" manual (order no.  GB64) and the section "Security
 89 Auditing" in the "System Administration Procedures" (order no.  AK50).
 90 
 91 These commands are meant for experimentation with security audit
 92 control flags by the system security administrator.  Permanent
 93 settings for processes should be placed in the appropriate PNT/SAT
 94 entries with the new_user/edit_proj command.
 95 
 96 
 97 The special keywords "none", "all", and "default" are also recognized
 98 for the audit flags string.  They specify:
 99 
100    "none"    - all audit flags turned off,
101    "all"     - all audit flags turned on,
102    "default" - audit flags set to default found in sys_admin_data.
103 
104 See also the display_process_audit_flags command.
105 
106 
107 Examples:
108 
109 ! set_process_audit_flags default
110 ! display_process_audit_flags
111   fsobj=N/R,fsattr=N/R,rcp=N/R,admin=R/R,special=R/R, ...
112   ... other=N/R,admin_op,priv_op,fault,^small_cc,^moderate_cc
113 
114 ! edit_process_audit_flags rcp=ma/ma,admin=n/,special=/n
115 ! display_process_audit_flags
116   fsobj=N/R,fsattr=N/R,rcp=MA/MA,admin=N/R,special=R/N, ...
117   ... other=N/R,admin_op,priv_op,fault,^small_cc,^moderate_cc
118 
119 
120 ! set_process_audit_flags rcp=n/r,admin=r/,special=/r
121 ! display_process_audit_flags
122   fsobj=N/N,fsattr=N/N,rcp=N/R,admin=R/N,special=N/R, ...
123   ... other=N/N,^admin_op,^priv_op,^fault,^small_cc,^moderate_cc
124 
125 
126 ! set_process_audit_flags default
127 ! edit_process_audit_flags
128   current flags: fsobj=N/R,fsattr=N/R,rcp=N/R,admin=R/R, ...
129     ... special=R/R,other=N/R,admin_op,priv_op, ...
130           ... fault,^small_cc,^moderate_cc
131   enter flags: ! fsobj=r/
132   new flags:     fsobj=R/R,fsattr=N/R,rcp=N/R,admin=R/R, ...
133     ... special=R/R,other=N/R,admin_op,priv_op, ...
134           ... fault,^small_cc,^moderate_cc
135   enter flags: ! fsobj=/m
136   new flags:     fsobj=R/M,fsattr=N/R,rcp=N/R,admin=R/R, ...
137     ... special=R/R,other=N/R,admin_op,priv_op, ...
138           ... fault,^small_cc,^moderate_cc
139   enter flags: ! ^admin_op,^fault,other=ma/ma
140   new flags:     fsobj=R/M,fsattr=N/R,rcp=N/R,admin=R/R, ...
141     ... special=R/R,other=MA/MA,^admin_op,priv_op, ...
142           ... ^fault,^small_cc,^moderate_cc
143   enter flags: ! .
144 
145 
146 :hcom:
147 
148 
149 
150 /****^  HISTORY COMMENTS:
151   1) change(2020-05-19,GDixon), approve(2021-02-22,MCR10088),
152      audit(2021-05-27,Swenson), install(2021-05-27,MR12.6g-0056):
153       A) Change "Syntax:" to "Syntax as a command:" in command info seg
154          last changed after 1984.
155       B) isodate format for header dates.
156                                                    END HISTORY COMMENTS */
157 
158 
159