auditd.xml (16f0fd39d0c84c014919d701f87f5fc48be58d31) | auditd.xml (8523fda3525b37e02f4d11efc8cf763bf08204ec) |
---|---|
1<?xml version="1.0"?> 2<!DOCTYPE service_bundle SYSTEM "/usr/share/lib/xml/dtd/service_bundle.dtd.1"> 3<!-- 4 Copyright 2009 Sun Microsystems, Inc. All rights reserved. 5 Use is subject to license terms. 6 7 CDDL HEADER START 8 --- 48 unchanged lines hidden (view full) --- 57 <dependency 58 name='syslog' 59 type='service' 60 grouping='optional_all' 61 restart_on='none'> 62 <service_fmri value='svc:/system/system-log' /> 63 </dependency> 64 | 1<?xml version="1.0"?> 2<!DOCTYPE service_bundle SYSTEM "/usr/share/lib/xml/dtd/service_bundle.dtd.1"> 3<!-- 4 Copyright 2009 Sun Microsystems, Inc. All rights reserved. 5 Use is subject to license terms. 6 7 CDDL HEADER START 8 --- 48 unchanged lines hidden (view full) --- 57 <dependency 58 name='syslog' 59 type='service' 60 grouping='optional_all' 61 restart_on='none'> 62 <service_fmri value='svc:/system/system-log' /> 63 </dependency> 64 |
65 |
|
65 <dependent | 66 <dependent |
66 name='auditd_multi-user' | 67 name='multi-user' |
67 grouping='optional_all' 68 restart_on='none'> 69 <service_fmri value='svc:/milestone/multi-user'/> 70 </dependent> 71 72 <dependent 73 name='console-login' 74 grouping='optional_all' 75 restart_on='none'> 76 <service_fmri value='svc:/system/console-login'/> 77 </dependent> 78 | 68 grouping='optional_all' 69 restart_on='none'> 70 <service_fmri value='svc:/milestone/multi-user'/> 71 </dependent> 72 73 <dependent 74 name='console-login' 75 grouping='optional_all' 76 restart_on='none'> 77 <service_fmri value='svc:/system/console-login'/> 78 </dependent> 79 |
80 |
|
79 <exec_method 80 type='method' 81 name='start' 82 exec='/lib/svc/method/svc-auditd' 83 timeout_seconds='15'> 84 <method_context> 85 <method_credential user='root' group='root' /> 86 </method_context> 87 </exec_method> 88 89 <exec_method 90 type='method' 91 name='refresh' | 81 <exec_method 82 type='method' 83 name='start' 84 exec='/lib/svc/method/svc-auditd' 85 timeout_seconds='15'> 86 <method_context> 87 <method_credential user='root' group='root' /> 88 </method_context> 89 </exec_method> 90 91 <exec_method 92 type='method' 93 name='refresh' |
92 exec=':kill -HUP' | 94 exec='/lib/svc/method/svc-auditd' |
93 timeout_seconds='30'> 94 <method_context> 95 <method_credential user='root' group='root' /> 96 </method_context> 97 </exec_method> 98 99 <!-- | 95 timeout_seconds='30'> 96 <method_context> 97 <method_credential user='root' group='root' /> 98 </method_context> 99 </exec_method> 100 101 <!-- |
100 auditd waits for c2audit to quiet down after catching a 101 -TERM before exiting; auditd's timeout is 20 seconds | 102 auditd waits for c2audit to quiet down after catching a -TERM 103 before exiting; auditd's timeout is 20 seconds |
102 --> 103 104 <exec_method 105 type='method' 106 name='stop' 107 exec=':kill -TERM' 108 timeout_seconds='30'> 109 <method_context> 110 <method_credential user='root' group='root' /> 111 </method_context> 112 </exec_method> 113 114 <!-- SIGs HUP, TERM, and USR1 are all expected by auditd --> | 104 --> 105 106 <exec_method 107 type='method' 108 name='stop' 109 exec=':kill -TERM' 110 timeout_seconds='30'> 111 <method_context> 112 <method_credential user='root' group='root' /> 113 </method_context> 114 </exec_method> 115 116 <!-- SIGs HUP, TERM, and USR1 are all expected by auditd --> |
115 | |
116 <property_group name='startd' type='framework'> 117 <propval name='ignore_error' type='astring' | 117 <property_group name='startd' type='framework'> 118 <propval name='ignore_error' type='astring' |
118 value='core,signal' /> | 119 value='core,signal' /> |
119 </property_group> 120 121 <property_group name='general' type='framework'> | 120 </property_group> 121 122 <property_group name='general' type='framework'> |
122 <!-- to start stop auditd --> | 123 <!-- to start/stop auditd --> |
123 <propval name='action_authorization' type='astring' 124 value='solaris.audit.config' /> 125 <propval name='value_authorization' type='astring' 126 value='solaris.audit.config' /> 127 </property_group> 128 | 124 <propval name='action_authorization' type='astring' 125 value='solaris.audit.config' /> 126 <propval name='value_authorization' type='astring' 127 value='solaris.audit.config' /> 128 </property_group> 129 |
129 <instance name='default' enabled='false' /> | |
130 | 130 |
131 <instance name='default' enabled='false'> 132 133 <!-- 134 Audit Queue Control Properties - see auditconfig(1M) 135 136 Note, that the default value for all the queue control 137 configuration parameters is 0, which makes auditd(1M) to 138 use current active system parameters. 139 --> 140 <property_group name='queuectrl' type='application' > 141 <propval name='qbufsz' type='count' 142 value='0' /> 143 <propval name='qdelay' type='count' 144 value='0' /> 145 <propval name='qhiwater' type='count' 146 value='0' /> 147 <propval name='qlowater' type='count' 148 value='0' /> 149 <propval name='read_authorization' type='astring' 150 value='solaris.audit.config' /> 151 </property_group> 152 153 <!-- 154 Audit Policies - see auditconfig(1M) 155 156 Note, that "all" and "none" policies available as a 157 auditconfig(1M) policy flags actually means a full/empty set 158 of other policy flags. Thus they are not configurable in the 159 auditd service manifest, but set all the policies to true 160 (all) or false (none). 161 --> 162 <property_group name='policy' type='application' > 163 <propval name='ahlt' type='boolean' 164 value='false' /> 165 <propval name='arge' type='boolean' 166 value='false' /> 167 <propval name='argv' type='boolean' 168 value='false' /> 169 <propval name='cnt' type='boolean' 170 value='true' /> 171 <propval name='group' type='boolean' 172 value='false' /> 173 <propval name='path' type='boolean' 174 value='false' /> 175 <propval name='perzone' type='boolean' 176 value='false' /> 177 <propval name='public' type='boolean' 178 value='false' /> 179 <propval name='seq' type='boolean' 180 value='false' /> 181 <propval name='trail' type='boolean' 182 value='false' /> 183 <propval name='windata_down' type='boolean' 184 value='false' /> 185 <propval name='windata_up' type='boolean' 186 value='false' /> 187 <propval name='zonename' type='boolean' 188 value='false' /> 189 <propval name='read_authorization' type='astring' 190 value='solaris.audit.config' /> 191 </property_group> 192 193 </instance> 194 |
|
131 <stability value='Evolving' /> 132 | 195 <stability value='Evolving' /> 196 |
197 |
|
133 <template> 134 <common_name> 135 <loctext xml:lang='C'> 136 Solaris audit daemon 137 </loctext> 138 </common_name> 139 <documentation> 140 <manpage title='auditd' 141 section='1M' 142 manpath='/usr/share/man'/> 143 <manpage title='audit' 144 section='1M' 145 manpath='/usr/share/man'/> | 198 <template> 199 <common_name> 200 <loctext xml:lang='C'> 201 Solaris audit daemon 202 </loctext> 203 </common_name> 204 <documentation> 205 <manpage title='auditd' 206 section='1M' 207 manpath='/usr/share/man'/> 208 <manpage title='audit' 209 section='1M' 210 manpath='/usr/share/man'/> |
211 <manpage title='auditconfig' 212 section='1M' 213 manpath='/usr/share/man'/> |
|
146 </documentation> 147 </template> 148 149</service> 150 151</service_bundle> | 214 </documentation> 215 </template> 216 217</service> 218 219</service_bundle> |