Date: Tue, 3 Oct 2006 14:35:09 GMT From: Ruslan Ermilov <ru@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 107177 for review Message-ID: <200610031435.k93EZ9wp016363@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=107177 Change 107177 by ru@ru_edoofus on 2006/10/03 14:34:25 - Add -p to usage() and SYNOPSIS, document it (possibly needs tweaking). - Make it clear in usage() and SYNOPSIS that -r and -s are exclusive. - Sort options. - Fix markup. Affected files ... .. //depot/projects/trustedbsd/openbsm/bin/praudit/praudit.1#10 edit .. //depot/projects/trustedbsd/openbsm/bin/praudit/praudit.c#10 edit Differences ... ==== //depot/projects/trustedbsd/openbsm/bin/praudit/praudit.1#10 (text+ko) ==== @@ -25,60 +25,72 @@ .\" IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE .\" POSSIBILITY OF SUCH DAMAGE. .\" -.\" $P4: //depot/projects/trustedbsd/openbsm/bin/praudit/praudit.1#9 $ +.\" $P4: //depot/projects/trustedbsd/openbsm/bin/praudit/praudit.1#10 $ .\" -.Dd January 24, 2004 +.Dd October 3, 2006 .Dt PRAUDIT 1 .Os .Sh NAME .Nm praudit .Nd "print the contents of audit trail files" .Sh SYNOPSIS -.Nm praudit -.Op Fl lrs +.Nm +.Op Fl lp +.Op Fl r | s .Op Fl d Ar del -.Op Ar file ... +.Op Ar .Sh DESCRIPTION The .Nm utility prints the contents of the audit trail files to the standard output in human-readable form. -If no filename is specified, the standard input is used +If no +.Ar file +argument is specified, the standard input is used by default. .Pp The options are as follows: -.Bl -tag -width Ds +.Bl -tag -width indent +.It Fl d Ar del +Specifies the delimiter. +The default delimiter is the comma. .It Fl l Prints the entire record on the same line. If this option is not specified, every token is displayed on a different line. +.It Fl p +Specify this option if input to +.Nm +is piped from the +.Xr tail 1 +utility. +This causes +.Nm +to sync to the start of the next record. .It Fl r Prints the records in their raw, numeric form. This option is exclusive from -.Fl s +.Fl s . .It Fl s Prints the tokens in their short form. Short text representations for record and event type are displayed. This option is exclusive from -.Fl r -.It Fl d Ar del -Specifies the delimiter. -The default delimiter is the comma. +.Fl r . .El .Pp If the raw or short forms are not specified, the default is to print the tokens in their long form. Events are displayed as per their descriptions given in .Pa /etc/security/audit_event ; -uids and gids are expanded to their names; +UIDs and GIDs are expanded to their names; dates and times are displayed in human-readable format. .Sh FILES -.Bl -tag -width "/etc/security/audit_control" -compact +.Bl -tag -width ".Pa /etc/security/audit_control" -compact .It Pa /etc/security/audit_class -Descriptions of audit event classes +Descriptions of audit event classes. .It Pa /etc/security/audit_event -Descriptions of audit events +Descriptions of audit events. .El .Sh SEE ALSO .Xr audit_class 5 , @@ -89,9 +101,13 @@ It was subsequently adopted by the TrustedBSD Project as the foundation for the OpenBSM distribution. .Sh AUTHORS +.An -nosplit This software was created by McAfee Research, the security research division of McAfee, Inc., under contract to Apple Computer Inc. -Additional authors include Wayne Salamon, Robert Watson, and SPARTA Inc. +Additional authors include +.An Wayne Salamon , +.An Robert Watson , +and SPARTA Inc. .Pp The Basic Security Module (BSM) interface to audit records and audit event stream format were defined by Sun Microsystems. ==== //depot/projects/trustedbsd/openbsm/bin/praudit/praudit.c#10 (text+ko) ==== @@ -26,7 +26,7 @@ * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE * POSSIBILITY OF SUCH DAMAGE. * - * $P4: //depot/projects/trustedbsd/openbsm/bin/praudit/praudit.c#9 $ + * $P4: //depot/projects/trustedbsd/openbsm/bin/praudit/praudit.c#10 $ */ /* @@ -34,7 +34,7 @@ */ /* - * praudit [-lrs] [-ddel] [filenames] + * praudit [-lp] [-r | -s] [-d del] [file ...] */ #include <bsm/libbsm.h> @@ -53,10 +53,10 @@ static int partial = 0; static void -usage() +usage(void) { - fprintf(stderr, "Usage: praudit [-lrs] [-ddel] [filenames]\n"); + fprintf(stderr, "usage: praudit [-lp] [-r | -s] [-d del] [file ...]\n"); exit(1); } @@ -109,12 +109,20 @@ int i; FILE *fp; - while ((ch = getopt(argc, argv, "lprsd:")) != -1) { + while ((ch = getopt(argc, argv, "d:lprs")) != -1) { switch(ch) { + case 'd': + del = optarg; + break; + case 'l': oneline = 1; break; + case 'p': + partial = 1; + break; + case 'r': if (shortfrm) usage(); /* Exclusive from shortfrm. */ @@ -127,14 +135,6 @@ shortfrm = 1; break; - case 'd': - del = optarg; - break; - - case 'p': - partial = 1; - break; - case '?': default: usage();
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200610031435.k93EZ9wp016363>