audusr - select users to audit
audusr [[-a user] ...] [[-d user] ...] [-A|-D]
audusr is used to specify users to be audited or excluded from
auditing. If no arguments are specified, audusr displays the audit
setting of every user. audusr is restricted to super-users.
audusr recognizes the following options:
-a user Audit the specified user. The auditing system
records audit records to the ``current'' audit
file when the specified user executes audited
events or system calls. Use audevent to specify
events to be audited (see audevent(1M)).
-d user Do not audit the specified user.
-A Audit all users.
-D Do not audit any users.
The -A and -D options are mutually exclusive: that is, if -A is
specified, -d cannot be specified; if -D is specified, -a cannot be
Users specified with audusr are audited (or excluded from auditing)
beginning with their next login session, until excluded from auditing
(or specified for auditing) with a subsequent audusr invocation.
Users already logged into the system when audusr is invoked are
unaffected during that login session; however, any user who logs in
after audusr is invoked is audited or excluded from auditing
audusr was developed by HP.
/tcb/files/auth/*/* File containing flags to indicate
whether users are audited.
audevent(1M), setaudproc(2), audswitch(2), audwrite(2). audit(5).
Hewlett-Packard Company - 1 - HP-UX Release 11i: November 2000