NAME

audusr − select users to audit

SYNOPSIS

audusr [[−a user] ...] [[−d user] ...] [−A|−D]

DESCRIPTION

audusr is used to specify users to be audited or excluded from auditing. Without arguments, audusr displays the command usage.  audusr is restricted to super-users. 

Options

audusr recognizes the following options:

−a user Audit the specified user. The auditing system records audit records to the "current" audit file when the specified user executes audited events or system calls.  Use audevent(1M) to specify events to be audited.

−d  user Do not audit the specified user.

−A Audit all users. 

−D Do not audit any users. 

The −A and −D options are mutually exclusive.  Furthermore, if −A is specified, −d cannot be specified; if −D is specified, −a cannot be specified. 

Users specified with audusr are audited (or excluded from auditing) beginning with their next login session, until excluded from auditing (or specified for auditing) with a subsequent audusr invocation.  Users already logged into the system when audusr is invoked are unaffected during that login session; however, any user who logs in after audusr is invoked is audited or excluded from auditing accordingly. 

AUTHOR

audusr was developed by HP. 

FILES

/.secure/etc/passwd File containing flags to indicate whether users are audited. 

SEE ALSO

audit(5), audevent(1M), setaudproc(2), audswitch(2), audwrite(2). 

Hewlett-Packard Company  —  HP-UX Release 8.05: June 1991