adt_record.dtd.1 revision 2
2N/A<?
xml version="1.0" encoding="UTF-8" ?>
2N/A Copyright 2010 Sun Microsystems, Inc. All rights reserved. 2N/A Use is subject to license terms. 2N/A The contents of this file are subject to the terms of the 2N/A Common Development and Distribution License (the "License"). 2N/A You may not use this file except in compliance with the License. 2N/A See the License for the specific language governing permissions 2N/A and limitations under the License. 2N/A When distributing Covered Code, include this CDDL HEADER in each 2N/A If applicable, add the following below this CDDL HEADER, with the 2N/A fields enclosed by brackets "[]" replaced with your own identifying 2N/A information: Portions Copyright [yyyy] [name of copyright owner] 2N/A<!--Entity Definitions--> 2N/A<!-- timeattr or iso8601 2N/A the time/date to the second in strftime(3C) default format, 2N/A followed by milliseconds offset. 2N/A Example: time="Mon May 06 12:10:18 2002" msec="750" 2N/A ISO 8601 standard format date time and timezone; 2N/A YYYY-MM-DD HH:MM:SS.sss +/-HH:MM; year, month, day 24 hour time with 2N/A milliseconds + or - offset from Universal Time (UTC, aka GMT) 2N/A Example: iso8601="2003-09-17 16:47:41.831 -07:00" 2N/A<!
ENTITY %
timeattr "time CDATA #IMPLIED 2N/A msec CDATA #IMPLIED">
2N/A<!
ENTITY %
iso8601 "iso8601 CDATA #IMPLIED">
2N/A<!-- xinfo Generic info for X related tokens. --> 2N/A<!
ENTITY %
xinfo "xid CDATA #REQUIRED 2N/A xcreator-uid CDATA #REQUIRED">
2N/AThis represents the set of "reserved" tokens whose placement is 2N/A<!
ENTITY %
reserved_toks "( 2N/AThis represents the set of all tokens other than the "reserved" 2N/A<!
ENTITY %
normaltoks "( 2N/A use_of_authorization | 2N/A<!--Element Definitions--> 2N/AThe main element, "audit", consists of a sequence of file & record tokens. 2N/A<!
ELEMENT audit (
file |
record)*>
2N/A<!
ELEMENT file (#
PCDATA)>
2N/A<!
ATTLIST file %
iso8601;>
2N/AAudit records will have this general layout of tokens after the 2N/Afirst token (which is the record token): 2N/A (tokens),subject,group,(tokens),return,sequence,host 2N/A(all tokens after the record token are optional; the host token is unused.) 2N/A version CDATA #
REQUIRED 2N/A event CDATA #
REQUIRED 2N/A modifier CDATA #
IMPLIED 2N/A<!
ELEMENT text (#
PCDATA)>
2N/A<!
ELEMENT user EMPTY>
2N/A username CDATA #
REQUIRED 2N/A<!
ELEMENT path (#
PCDATA)>
2N/A<!-- path_attr token --> 2N/A<!
ELEMENT path_attr (
xattr*)>
2N/A<!
ELEMENT xattr (#
PCDATA)>
2N/A<!
ELEMENT host (#
PCDATA)>
2N/A<!-- subject token --> 2N/A<!
ELEMENT subject EMPTY>
2N/A audit-
uid CDATA #
REQUIRED 2N/A ruid CDATA #
REQUIRED 2N/A rgid CDATA #
REQUIRED 2N/A<!-- process token --> 2N/A<!
ELEMENT process EMPTY>
2N/A audit-
uid CDATA #
REQUIRED 2N/A ruid CDATA #
REQUIRED 2N/A rgid CDATA #
REQUIRED 2N/A<!-- return token --> 2N/A<!
ELEMENT return EMPTY>
2N/A errval CDATA #
REQUIRED 2N/A retval CDATA #
REQUIRED 2N/A<!
ELEMENT exit EMPTY>
2N/A errval CDATA #
REQUIRED 2N/A retval CDATA #
REQUIRED 2N/A<!-- sequence token --> 2N/A<!
ELEMENT sequence EMPTY>
2N/A seq-
num CDATA #
REQUIRED 2N/A<!
ELEMENT fmri (#
PCDATA)>
2N/A<!
ELEMENT group (
gid)*>
2N/A<!
ELEMENT gid (#
PCDATA)>
2N/A<!-- opaque token --> 2N/A<!
ELEMENT opaque (#
PCDATA)>
2N/A<!-- liaison token --> 2N/A<!-- (NOTE: liaison is obsolete and is no longer generated --> 2N/A<!
ELEMENT liaison (#
PCDATA)>
2N/A<!-- argument token --> 2N/A<!
ELEMENT argument EMPTY>
2N/A arg-
num CDATA #
REQUIRED 2N/A value CDATA #
REQUIRED 2N/A desc CDATA #
REQUIRED 2N/A<!-- attribute token --> 2N/A<!
ELEMENT attribute EMPTY>
2N/A mode CDATA #
REQUIRED 2N/A fsid CDATA #
REQUIRED 2N/A nodeid CDATA #
REQUIRED 2N/A device CDATA #
REQUIRED 2N/A<!
ELEMENT cmd (
argv*,
arge*)>
2N/A<!
ELEMENT argv (#
PCDATA)>
2N/A<!
ELEMENT arge (#
PCDATA)>
2N/A<!-- exec_args token --> 2N/A<!
ELEMENT exec_args (
arg*)>
2N/A<!
ELEMENT arg (#
PCDATA)>
2N/A<!-- exec_env token --> 2N/A<!
ELEMENT exec_env (
env*)>
2N/A<!
ELEMENT env (#
PCDATA)>
2N/A<!-- arbitrary token --> 2N/A<!
ELEMENT arbitrary (#
PCDATA)>
2N/A print CDATA #
REQUIRED 2N/A type CDATA #
REQUIRED 2N/A count CDATA #
REQUIRED 2N/A<!-- privilege token --> 2N/A<!
ELEMENT privilege (#
PCDATA)>
2N/A set-
type CDATA #
REQUIRED 2N/A<!-- use_of_privilege token --> 2N/A<!
ELEMENT use_of_privilege (#
PCDATA)>
2N/A<!
ATTLIST use_of_privilege 2N/A result CDATA #
REQUIRED 2N/A<!-- sensitivity_label token --> 2N/A<!
ELEMENT sensitivity_label (#
PCDATA)>
2N/A<!-- use_of_authorization token --> 2N/A<!
ELEMENT use_of_authorization (#
PCDATA)>
2N/A ipc-
type CDATA #
REQUIRED 2N/A ipc-
id CDATA #
REQUIRED 2N/A<!-- IPC_perm token --> 2N/A<!
ELEMENT IPC_perm EMPTY>
2N/A creator-
uid CDATA #
REQUIRED 2N/A creator-
gid CDATA #
REQUIRED 2N/A mode CDATA #
REQUIRED 2N/A<!-- ip_address token --> 2N/A<!
ELEMENT ip_address (#
PCDATA)>
2N/A<!-- ip_port token --> 2N/A<!-- (NOTE: ip_port is obsolete and is no longer generated --> 2N/A<!
ELEMENT ip_port (#
PCDATA)>
2N/A<!-- (NOTE: ip is obsolete and is no longer generated --> 2N/A version CDATA #
REQUIRED 2N/A service_type CDATA #
REQUIRED 2N/A offset CDATA #
REQUIRED 2N/A time_to_live CDATA #
REQUIRED 2N/A protocol CDATA #
REQUIRED 2N/A cksum CDATA #
REQUIRED 2N/A src_addr CDATA #
REQUIRED 2N/A dest_addr CDATA #
REQUIRED 2N/A<!-- old_socket token --> 2N/A<!
ELEMENT old_socket EMPTY>
2N/A type CDATA #
REQUIRED 2N/A port CDATA #
REQUIRED 2N/A addr CDATA #
REQUIRED 2N/A<!-- socket token --> 2N/A<!
ELEMENT socket EMPTY>
2N/A sock_domain CDATA #
REQUIRED 2N/A sock_type CDATA #
REQUIRED 2N/A lport CDATA #
REQUIRED 2N/A laddr CDATA #
REQUIRED 2N/A fport CDATA #
REQUIRED 2N/A faddr CDATA #
REQUIRED 2N/A value CDATA #
IMPLIED 2N/A flags CDATA #
IMPLIED 2N/A access_mask CDATA #
IMPLIED 2N/A<!-- future intent: contain one of ipadr | MTUadr | device --> 2N/A<!
ELEMENT tid (
ipadr*)>
2N/A type CDATA #
REQUIRED 2N/A<!-- ipadr content of tid token --> 2N/A<!
ELEMENT ipadr EMPTY>
2N/A local-
port CDATA #
REQUIRED 2N/A remote-
port CDATA #
REQUIRED 2N/A host CDATA #
REQUIRED 2N/A<!-- X_atom token --> 2N/A<!
ELEMENT X_atom (#
PCDATA)>
2N/A<!-- X_color_map token --> 2N/A<!
ELEMENT X_color_map EMPTY>
2N/A<!
ATTLIST X_color_map %
xinfo;>
2N/A<!-- X_cursor token --> 2N/A<!
ELEMENT X_cursor EMPTY>
2N/A<!
ATTLIST X_cursor %
xinfo;>
2N/A<!-- X_font token --> 2N/A<!
ELEMENT X_font EMPTY>
2N/A<!
ATTLIST X_font %
xinfo;>
2N/A<!-- X_graphic_context token --> 2N/A<!
ELEMENT X_graphic_context EMPTY>
2N/A<!
ATTLIST X_graphic_context %
xinfo;>
2N/A<!-- X_pixmap token --> 2N/A<!
ELEMENT X_pixmap EMPTY>
2N/A<!
ATTLIST X_pixmap %
xinfo;>
2N/A<!-- X_window token --> 2N/A<!
ELEMENT X_window EMPTY>
2N/A<!
ATTLIST X_window %
xinfo;>
2N/A<!-- X_property token --> 2N/A<!
ELEMENT X_property (#
PCDATA)>
2N/A<!
ATTLIST X_property %
xinfo;>
2N/A<!-- X_client token --> 2N/A<!
ELEMENT X_client (#
PCDATA)>
2N/A<!-- X_selection token --> 2N/A<!
ELEMENT X_selection (
xsel_text,
xsel_type,
xsel_data)>
2N/A<!
ELEMENT x_sel_text (#
PCDATA)>
2N/A<!
ELEMENT x_sel_type (#
PCDATA)>
2N/A<!
ELEMENT x_sel_data (#
PCDATA)>
2N/A<!-- zonename token --> 2N/A<!
ELEMENT zone EMPTY>
2N/A name CDATA #
REQUIRED