> Here is the current list of audit events. The code to generate all of
Hummm, for create prop and change prop where we record the
value, we probably should make that optional and not record
the value for protected properties.
Even though the audit trail is protected from non-administrative
access, passwords and crypto keys are never recorded there.
It's unknow what's in a protected property.
Gary..
> In addition to the SMF specific audit events, the auditing
> framework, auditd(1M), records additional information such
> as:
>
> o time of event
>
> o user id and process id of program generating the event
> (for SMF this is the doors client of svc.configd)
>
> o an audit session
Nit. Success or failure is also recorded by the infrastructure.
It is however signaled by the caller as to if it was a success
or failure.
