freebsd-dev/contrib/openbsm/etc/audit_event

#
# $P4: //depot/projects/trustedbsd/openbsm/etc/audit_event#10 $
# $FreeBSD$
#
0:AUE_NULL:indir system call:no
1:AUE_EXIT:exit(2):pc
2:AUE_FORK:fork(2):pc
3:AUE_OPEN:open(2) - attr only:fa
4:AUE_CREAT:creat(2):fc
5:AUE_LINK:link(2):fc
6:AUE_UNLINK:unlink(2):fd
7:AUE_EXEC:exec(2):pc,ex
8:AUE_CHDIR:chdir(2):pc
9:AUE_MKNOD:mknod(2):fc
10:AUE_CHMOD:chmod(2):fm
11:AUE_CHOWN:chown(2):fm
12:AUE_UMOUNT:umount(2) - old version:ad
13:AUE_JUNK:junk:no
14:AUE_ACCESS:access(2):fa
15:AUE_KILL:kill(2):pc
16:AUE_STAT:stat(2):fa
17:AUE_LSTAT:lstat(2):fa
18:AUE_ACCT:acct(2):ad
19:AUE_MCTL:mctl(2):no
20:AUE_REBOOT:reboot(2):ad
21:AUE_SYMLINK:symlink(2):fc
22:AUE_READLINK:readlink(2):fr
23:AUE_EXECVE:execve(2):pc,ex
24:AUE_CHROOT:chroot(2):pc
25:AUE_VFORK:vfork(2):pc
26:AUE_SETGROUPS:setgroups(2):pc
27:AUE_SETPGRP:setpgrp(2):pc
28:AUE_SWAPON:swapon(2):ad
29:AUE_SETHOSTNAME:sethostname(2):ad
30:AUE_FCNTL:fcntl(2):fm
31:AUE_SETPRIORITY:setpriority(2):pc
32:AUE_CONNECT:connect(2):nt
33:AUE_ACCEPT:accept(2):nt
34:AUE_BIND:bind(2):nt
35:AUE_SETSOCKOPT:setsockopt(2):nt
36:AUE_VTRACE:vtrace(2):pc
37:AUE_SETTIMEOFDAY:settimeofday(2):ad
38:AUE_FCHOWN:fchown(2):fm
39:AUE_FCHMOD:fchmod(2):fm
40:AUE_SETREUID:setreuid(2):pc
41:AUE_SETREGID:setregid(2):pc
42:AUE_RENAME:rename(2):fc,fd
43:AUE_TRUNCATE:truncate(2):fw
44:AUE_FTRUNCATE:ftruncate(2):fw
45:AUE_FLOCK:flock(2):fm
46:AUE_SHUTDOWN:shutdown(2):nt
47:AUE_MKDIR:mkdir(2):fc
48:AUE_RMDIR:rmdir(2):fd
49:AUE_UTIMES:utimes(2):fm
50:AUE_ADJTIME:adjtime(2):ad
51:AUE_SETRLIMIT:setrlimit(2):pc
52:AUE_KILLPG:killpg(2):pc
53:AUE_NFS_SVC:nfs_svc(2):ad
54:AUE_STATFS:statfs(2):fa
55:AUE_FSTATFS:fstatfs(2):fa
56:AUE_UNMOUNT:unmount(2):ad
57:AUE_ASYNC_DAEMON:async_daemon(2):ad
58:AUE_NFS_GETFH:nfs_getfh(2):ad
59:AUE_SETDOMAINNAME:setdomainname(2):ad
60:AUE_QUOTACTL:quotactl(2):ad
61:AUE_EXPORTFS:exportfs(2):ad
62:AUE_MOUNT:mount(2):ad
63:AUE_SEMSYS:semsys(2):ip
64:AUE_MSGSYS:msgsys(2):ip
65:AUE_SHMSYS:shmsys(2):ip
66:AUE_BSMSYS:bsmsys(2):ad
67:AUE_RFSSYS:rfssys(2):ad
68:AUE_FCHDIR:fchdir(2):pc
69:AUE_FCHROOT:fchroot(2):pc
70:AUE_VPIXSYS:vpixsys(2):no
71:AUE_PATHCONF:pathconf(2):fa
72:AUE_OPEN_R:open(2) - read:fr
73:AUE_OPEN_RC:open(2) - read,creat:fc,fr,fa,fm
74:AUE_OPEN_RT:open(2) - read,trunc:fd,fr,fa,fm
75:AUE_OPEN_RTC:open(2) - read,creat,trunc:fc,fd,fr,fa,fm
76:AUE_OPEN_W:open(2) - write:fw
77:AUE_OPEN_WC:open(2) - write,creat:fc,fw,fa,fm
78:AUE_OPEN_WT:open(2) - write,trunc:fd,fw,fa,fm
79:AUE_OPEN_WTC:open(2) - write,creat,trunc:fc,fd,fw,fa,fm
80:AUE_OPEN_RW:open(2) - read,write:fr,fw
81:AUE_OPEN_RWC:open(2) - read,write,creat:fc,fw,fr,fa,fm
82:AUE_OPEN_RWT:open(2) - read,write,trunc:fd,fr,fw,fa,fm
83:AUE_OPEN_RWTC:open(2) - read,write,creat,trunc:fc,fd,fw,fr,fa,fm
84:AUE_MSGCTL:msgctl(2) - illegal command:ip
85:AUE_MSGCTL_RMID:msgctl(2) - IPC_RMID command:ip
86:AUE_MSGCTL_SET:msgctl(2) - IPC_SET command:ip
87:AUE_MSGCTL_STAT:msgctl(2) - IPC_STAT command:ip
88:AUE_MSGGET:msgget(2):ip
89:AUE_MSGRCV:msgrcv(2):ip
90:AUE_MSGSND:msgsnd(2):ip
91:AUE_SHMCTL:shmctl(2) - illegal command:ip
92:AUE_SHMCTL_RMID:shmctl(2) - IPC_RMID command:ip
93:AUE_SHMCTL_SET:shmctl(2) - IPC_SET command:ip
94:AUE_SHMCTL_STAT:shmctl(2) - IPC_STAT command:ip
95:AUE_SHMGET:shmget(2):ip
96:AUE_SHMAT:shmat(2):ip
97:AUE_SHMDT:shmdt(2):ip
98:AUE_SEMCTL:semctl(2) - illegal command:ip
99:AUE_SEMCTL_RMID:semctl(2) - IPC_RMID command:ip
100:AUE_SEMCTL_SET:semctl(2) - IPC_SET command:ip
101:AUE_SEMCTL_STAT:semctl(2) - IPC_STAT command:ip
102:AUE_SEMCTL_GETNCNT:semctl(2) - GETNCNT command:ip
103:AUE_SEMCTL_GETPID:semctl(2) - GETPID command:ip
104:AUE_SEMCTL_GETVAL:semctl(2) - GETVAL command:ip
105:AUE_SEMCTL_GETALL:semctl(2) - GETALL command:ip
106:AUE_SEMCTL_GETZCNT:semctl(2) - GETZCNT command:ip
107:AUE_SEMCTL_SETVAL:semctl(2) - SETVAL command:ip
108:AUE_SEMCTL_SETALL:semctl(2) - SETALL command:ip
109:AUE_SEMGET:semget(2):ip
110:AUE_SEMOP:semop(2):ip
111:AUE_CORE:process dumped core:fc
112:AUE_CLOSE:close(2):cl
113:AUE_SYSTEMBOOT:system booted:na
114:AUE_ASYNC_DAEMON_EXIT:async_daemon(2) exited:ad
115:AUE_NFSSVC_EXIT:nfssvc(2) exited:ad
128:AUE_WRITEL:writel(2):fw
129:AUE_WRITEVL:writevl(2):fw
130:AUE_GETAUID:getauid(2):ad
131:AUE_SETAUID:setauid(2):ad
132:AUE_GETAUDIT:getaudit(2):ad
133:AUE_SETAUDIT:setaudit(2):ad
134:AUE_GETUSERAUDIT:getuseraudit(2):ad
135:AUE_SETUSERAUDIT:setuseraudit(2):ad
136:AUE_AUDITSVC:auditsvc(2):ad
137:AUE_AUDITUSER:audituser(2):ad
138:AUE_AUDITON:auditon(2):ad
139:AUE_AUDITON_GTERMID:auditon(2) - GETTERMID command:ad
140:AUE_AUDITON_STERMID:auditon(2) - SETTERMID command:ad
141:AUE_AUDITON_GPOLICY:auditon(2) - GPOLICY command:ad
142:AUE_AUDITON_SPOLICY:auditon(2) - SPOLICY command:ad
143:AUE_AUDITON_GESTATE:auditon(2) - GESTATE command:ad
144:AUE_AUDITON_SESTATE:auditon(2) - SESTATE command:ad
145:AUE_AUDITON_GQCTRL:auditon(2) - GQCTRL command:ad
146:AUE_AUDITON_SQCTRL:auditon(2) - SQCTRL command:ad
147:AUE_GETKERNSTATE:getkernstate(2):ad
148:AUE_SETKERNSTATE:setkernstate(2):ad
149:AUE_GETPORTAUDIT:getportaudit(2):ad
150:AUE_AUDITSTAT:auditstat(2):ad
153:AUE_ENTERPROM:enter prom:ad
154:AUE_EXITPROM:exit prom:ad
158:AUE_IOCTL:ioctl(2):io
173:AUE_ONESIDE:one-sided session record:nt
174:AUE_MSGGETL:msggetl(2):ip
175:AUE_MSGRCVL:msgrcvl(2):ip
176:AUE_MSGSNDL:msgsndl(2):ip
177:AUE_SEMGETL:semgetl(2):ip
178:AUE_SHMGETL:shmgetl(2):ip
183:AUE_SOCKET:socket(2):nt
184:AUE_SENDTO:sendto(2):nt
185:AUE_PIPE:pipe(2):ip
186:AUE_SOCKETPAIR:socketpair(2):nt
187:AUE_SEND:send(2):nt
188:AUE_SENDMSG:sendmsg(2):nt
189:AUE_RECV:recv(2):nt
190:AUE_RECVMSG:recvmsg(2):nt
191:AUE_RECVFROM:recvfrom(2):nt
192:AUE_READ:read(2):no
193:AUE_GETDENTS:getdents(2):no
194:AUE_LSEEK:lseek(2):no
195:AUE_WRITE:write(2):no
196:AUE_WRITEV:writev(2):no
197:AUE_NFS:nfs server:ad
198:AUE_READV:readv(2):no
199:AUE_OSTAT:old stat(2):fa
200:AUE_SETUID:setuid(2):pc
201:AUE_STIME:old stime(2):ad
202:AUE_UTIME:old utime(2):fm
203:AUE_NICE:old nice(2):pc
204:AUE_OSETPGRP:old setpgrp(2):pc
205:AUE_SETGID:setgid(2):pc
206:AUE_READL:readl(2):no
207:AUE_READVL:readvl(2):no
209:AUE_DUP2:dup2(2):no
210:AUE_MMAP:mmap(2):no
211:AUE_AUDIT:audit(2):ot
212:AUE_PRIOCNTLSYS:priocntlsys(2):pc
213:AUE_MUNMAP:munmap(2):cl
214:AUE_SETEGID:setegid(2):pc
215:AUE_SETEUID:seteuid(2):pc
216:AUE_PUTMSG:putmsg(2):nt
217:AUE_GETMSG:getmsg(2):nt
218:AUE_PUTPMSG:putpmsg(2):nt
219:AUE_GETPMSG:getpmsg(2):nt
220:AUE_AUDITSYS:audit system calls place holder:no
221:AUE_AUDITON_GETKMASK:auditon(2) - get kernel mask:ad
222:AUE_AUDITON_SETKMASK:auditon(2) - set kernel mask:ad
223:AUE_AUDITON_GETCWD:auditon(2) - get cwd:ad
224:AUE_AUDITON_GETCAR:auditon(2) - get car:ad
225:AUE_AUDITON_GETSTAT:auditon(2) - get audit statistics:ad
226:AUE_AUDITON_SETSTAT:auditon(2) - reset audit statistics:ad
227:AUE_AUDITON_SETUMASK:auditon(2) - set mask per uid:ad
228:AUE_AUDITON_SETSMASK:auditon(2) - set mask per session ID:ad
229:AUE_AUDITON_GETCOND:auditon(2) - get audit state:ad
230:AUE_AUDITON_SETCOND:auditon(2) - set audit state:ad
231:AUE_AUDITON_GETCLASS:auditon(2) - get event class:ad
232:AUE_AUDITON_SETCLASS:auditon(2) - set event class:ad
233:AUE_UTSSYS:utssys(2) - fusers:ad
234:AUE_STATVFS:statvfs(2):fa
235:AUE_XSTAT:xstat(2):fa
236:AUE_LXSTAT:lx6stat(2):fa
237:AUE_LCHOWN:lchown(2):fm
238:AUE_MEMCNTL:memcntl(2):ot
239:AUE_SYSINFO:sysinfo(2):ad
240:AUE_XMKNOD:xmknod(2):fc
241:AUE_FORK1:fork1(2):pc
242:AUE_MODCTL:modctl(2) system call place holder:no
243:AUE_MODLOAD:modctl(2) - load module:ad
244:AUE_MODUNLOAD:modctl(2) - unload module:ad
245:AUE_MODCONFIG:modctl(2) - configure module:ad
246:AUE_MODADDMAJ:modctl(2) - bind module:ad
247:AUE_SOCKACCEPT:getmsg-accept:nt
248:AUE_SOCKCONNECT:putmsg-connect:nt
249:AUE_SOCKSEND:putmsg-send:nt
250:AUE_SOCKRECEIVE:getmsg-receive:nt
251:AUE_ACLSET:acl(2) - SETACL comand:fm
252:AUE_FACLSET:facl(2) - SETACL command:fm
253:AUE_DOORFS:doorfs(2) - system call place holder:no
254:AUE_DOORFS_DOOR_CALL:doorfs(2) - DOOR_CALL:ip
255:AUE_DOORFS_DOOR_RETURN:doorfs(2) - DOOR_RETURN:ip
256:AUE_DOORFS_DOOR_CREATE:doorfs(2) - DOOR_CREATE:ip
257:AUE_DOORFS_DOOR_REVOKE:doorfs(2) - DOOR_REVOKE:ip
258:AUE_DOORFS_DOOR_INFO:doorfs(2) - DOOR_INFO:ip
259:AUE_DOORFS_DOOR_CRED:doorfs(2) - DOOR_CRED:ip
260:AUE_DOORFS_DOOR_BIND:doorfs(2) - DOOR_BIND:ip
261:AUE_DOORFS_DOOR_UNBIND:doorfs(2) - DOOR_UNBIND:ip
262:AUE_P_ONLINE:p_online(2):ad
263:AUE_PROCESSOR_BIND:processor_bind(2):ad
264:AUE_INST_SYNC:inst_sync(2):ad
266:AUE_SETAUDIT_ADDR:setaudit_addr(2):ad
267:AUE_GETAUDIT_ADDR:getaudit_addr(2):ad
268:AUE_CLOCK_SETTIME:clock_settime(2):ad
269:AUE_NTP_ADJTIME:ntp_adjtime(2):ad
301:AUE_GETFSSTAT:getfsstat(2):fa
302:AUE_PTRACE:ptrace(2):pc
303:AUE_CHFLAGS:chflags(2):fm
304:AUE_FCHFLAGS:fchflags(2):fm
305:AUE_PROFILE:profil(2):pc
306:AUE_KTRACE:ktrace(2):pc
307:AUE_SETLOGIN:setlogin(2):pc
308:AUE_DARWIN_REBOOT:reboot(2):ad
309:AUE_REVOKE:revoke(2):cl
310:AUE_UMASK:umask(2):pc
311:AUE_MPROTECT:mprotect(2):fm
312:AUE_DARWIN_SETPRIORITY:setpriority(2):pc,ot
313:AUE_DARWIN_SETTIMEOFDAY:settimeofday(2):ad
314:AUE_DARWIN_FLOCK:flock(2):fm
315:AUE_MKFIFO:mkfifo(2):fc
316:AUE_POLL:poll(2):no
317:AUE_DARWIN_SOCKETPAIR:socketpair(2):nt
318:AUE_FUTIMES:futimes(2):fm
319:AUE_SETSID:setsid(2):pc
320:AUE_SETPRIVEXEC:setprivexec(2):pc
321:AUE_DARWIN_NFSSVC:nfssvc(2):ad
322:AUE_DARWIN_GETFH:getfh(2):fa
323:AUE_DARWIN_QUOTACTL:quotactl(2):ad
324:AUE_ADDPROFILE:system call:pc
325:AUE_KDEBUGTRACE:system call:pc
326:AUE_FSTAT:fstat(2):fa
327:AUE_FPATHCONF:fpathconf(2):fa
328:AUE_GETDIRENTRIES:getdirentries(2):fr
329:AUE_DARWIN_TRUNCATE:truncate(2):fw
330:AUE_DARWIN_FTRUNCATE:ftruncate(2):fw
331:AUE_SYSCTL:sysctl(3):ad
332:AUE_MLOCK:mlock(2):pc
333:AUE_MUNLOCK:munlock(2):pc
334:AUE_UNDELETE:undelete(2):fm
335:AUE_GETATTRLIST:getattrlist():fa
336:AUE_SETATTRLIST:setattrlist():fm
337:AUE_GETDIRENTRIESATTR:getdirentriesattr():fa
338:AUE_EXCHANGEDATA:exchangedata():fw
339:AUE_SEARCHFS:searchfs():fa
340:AUE_MINHERIT:minherit(2):pc
341:AUE_SEMCONFIG:semconfig():ip
342:AUE_SEMOPEN:sem_open(2):ip
343:AUE_SEMCLOSE:sem_close(2):ip
344:AUE_SEMUNLINK:sem_unlink(2):ip
345:AUE_SHMOPEN:shm_open(2):ip
346:AUE_SHMUNLINK:shm_unlink(2):ip
347:AUE_LOADSHFILE:load_shared_file():fr
348:AUE_RESETSHFILE:reset_shared_file():ot
349:AUE_NEWSYSTEMSHREG:new_system_share_regions():ot
350:AUE_PTHREADKILL:pthread_kill(2):pc
351:AUE_PTHREADSIGMASK:pthread_sigmask(2):pc
352:AUE_AUDITCTL:auditctl(2):ad
353:AUE_RFORK:rfork(2):pc
354:AUE_LCHMOD:lchmod(2):fm
355:AUE_SWAPOFF:swapoff():ad
356:AUE_INITPROCESS:init_process():pc
357:AUE_MAPFD:map_fd():fa
358:AUE_TASKFORPID:task_for_pid():pc
359:AUE_PIDFORTASK:pid_for_task():pc
360:AUE_SYSCTL_NONADMIN:sysctl() - non-admin:ot
361:AUE_COPYFILE:copyfile():fr,fw
362:AUE_LUTIMES:lutimes(2):fm
363:AUE_LCHFLAGS:lchflags(2):fm
364:AUE_SENDFILE:sendfile(2):nt
365:AUE_USELIB:uselib(2):fa
366:AUE_GETRESUID:getresuid(2):pc
367:AUE_SETRESUID:setresuid(2):pc
368:AUE_GETRESGID:getresgid(2):pc
369:AUE_SETRESGID:setresgid(2):pc
370:AUE_WAIT4:wait4(2):pc
371:AUE_LGETFH:lgetfh(2):fa
372:AUE_FHSTATFS:fhstatfs(2):fa
373:AUE_FHOPEN:fhopen(2):fa
374:AUE_FHSTAT:fhstat(2):fa
375:AUE_JAIL:jail(2):pc
376:AUE_EACCESS:eaccess(2):fa
377:AUE_KQUEUE:kqueue(2):no
378:AUE_KEVENT:kevent(2):no
379:AUE_FSYNC:fsync(2):fm
380:AUE_NMOUNT:nmount(2):ad
6152:AUE_login:login - local:lo
6153:AUE_logout:logout - local:lo
6159:AUE_su:su(1):lo
6160:AUE_halt:system halt:ad
6168:AUE_shutdown:system shutdown:ad
6171:AUE_audit_startup:audit startup:ad
6172:AUE_audit_shutdown:audit shutdown:ad
6207:AUE_create_user:create user:ad
6208:AUE_modify_user:modify user:ad
6209:AUE_delete_user:delete user:ad
6210:AUE_disable_user:disable user:ad
6211:AUE_enable_user::ad
6300:AUE_sudo:sudo(1):ad
6501:AUE_modify_password:modify password:ad
6511:AUE_create_group:create group:ad
6512:AUE_delete_group:delete group:ad
6513:AUE_modify_group:modify group:ad
6514:AUE_add_to_group:add to group:ad
6515:AUE_remove_from_group:remove from group:ad
6521:AUE_revoke_obj:revoke object priv:fm
6600:AUE_lw_login:loginwindow login:lo
6601:AUE_lw_logout:loginwindow logout:lo
7000:AUE_auth_user:user authentication:ad
7001:AUE_ssconn:SecSrvr connection setup:ad
7002:AUE_ssauthorize:SecSrvr AuthEngine:ad
7003:AUE_ssauthint:SecSrvr authinternal mech:ad
32800:AUE_openssh:OpenSSH login:lo
Initial vendor import of the TrustedBSD OpenBSM distribution, version 1.0 alpha 1, an implementation of the documented Sun Basic Security Module (BSM) Audit API and file format, as well as local extensions to support the Mac OS X and FreeBSD operating systems. Also included are command line tools for audit trail reduction and conversion to text, as well as documentation of the commands, file format, and APIs. This distribution is the foundation for the TrustedBSD Audit implementation, and is a pre-release. This is the first in a series of commits to introduce support for Common Criteria CAPP security event audit support. This software has been made possible through the generous contributions of Apple Computer, Inc., SPARTA, Inc., as well as members of the TrustedBSD Project, including Wayne Salamon <wsalamon> and Tom Rhodes <trhodes>. The original OpenBSM implementation was created by McAfee Research under contract to Apple Computer, Inc., as part of their CC CAPP security evaluation. Many thanks to: wsalamon, trhodes Obtained from: TrustedBSD Project 2006-01-31 19:40:12 +00:00			`#`
			`# $P4: //depot/projects/trustedbsd/openbsm/etc/audit_event#10 $`
Take contrib/openbsm/etc configuration files off the vendor branch in order to add $FreeBSD$ tags, which helps mergemaster better manage updating them. Requested by: several Obtained from: TrustedBSD Project 2006-03-26 01:44:35 +00:00			`# $FreeBSD$`
Initial vendor import of the TrustedBSD OpenBSM distribution, version 1.0 alpha 1, an implementation of the documented Sun Basic Security Module (BSM) Audit API and file format, as well as local extensions to support the Mac OS X and FreeBSD operating systems. Also included are command line tools for audit trail reduction and conversion to text, as well as documentation of the commands, file format, and APIs. This distribution is the foundation for the TrustedBSD Audit implementation, and is a pre-release. This is the first in a series of commits to introduce support for Common Criteria CAPP security event audit support. This software has been made possible through the generous contributions of Apple Computer, Inc., SPARTA, Inc., as well as members of the TrustedBSD Project, including Wayne Salamon <wsalamon> and Tom Rhodes <trhodes>. The original OpenBSM implementation was created by McAfee Research under contract to Apple Computer, Inc., as part of their CC CAPP security evaluation. Many thanks to: wsalamon, trhodes Obtained from: TrustedBSD Project 2006-01-31 19:40:12 +00:00			`#`
			`0:AUE_NULL:indir system call:no`
			`1:AUE_EXIT:exit(2):pc`
			`2:AUE_FORK:fork(2):pc`
			`3:AUE_OPEN:open(2) - attr only:fa`
			`4:AUE_CREAT:creat(2):fc`
			`5:AUE_LINK:link(2):fc`
			`6:AUE_UNLINK:unlink(2):fd`
			`7:AUE_EXEC:exec(2):pc,ex`
			`8:AUE_CHDIR:chdir(2):pc`
			`9:AUE_MKNOD:mknod(2):fc`
			`10:AUE_CHMOD:chmod(2):fm`
			`11:AUE_CHOWN:chown(2):fm`
			`12:AUE_UMOUNT:umount(2) - old version:ad`
			`13:AUE_JUNK:junk:no`
			`14:AUE_ACCESS:access(2):fa`
			`15:AUE_KILL:kill(2):pc`
			`16:AUE_STAT:stat(2):fa`
			`17:AUE_LSTAT:lstat(2):fa`
			`18:AUE_ACCT:acct(2):ad`
			`19:AUE_MCTL:mctl(2):no`
			`20:AUE_REBOOT:reboot(2):ad`
			`21:AUE_SYMLINK:symlink(2):fc`
			`22:AUE_READLINK:readlink(2):fr`
			`23:AUE_EXECVE:execve(2):pc,ex`
			`24:AUE_CHROOT:chroot(2):pc`
			`25:AUE_VFORK:vfork(2):pc`
			`26:AUE_SETGROUPS:setgroups(2):pc`
			`27:AUE_SETPGRP:setpgrp(2):pc`
			`28:AUE_SWAPON:swapon(2):ad`
			`29:AUE_SETHOSTNAME:sethostname(2):ad`
			`30:AUE_FCNTL:fcntl(2):fm`
			`31:AUE_SETPRIORITY:setpriority(2):pc`
			`32:AUE_CONNECT:connect(2):nt`
			`33:AUE_ACCEPT:accept(2):nt`
			`34:AUE_BIND:bind(2):nt`
			`35:AUE_SETSOCKOPT:setsockopt(2):nt`
			`36:AUE_VTRACE:vtrace(2):pc`
			`37:AUE_SETTIMEOFDAY:settimeofday(2):ad`
			`38:AUE_FCHOWN:fchown(2):fm`
			`39:AUE_FCHMOD:fchmod(2):fm`
			`40:AUE_SETREUID:setreuid(2):pc`
			`41:AUE_SETREGID:setregid(2):pc`
			`42:AUE_RENAME:rename(2):fc,fd`
			`43:AUE_TRUNCATE:truncate(2):fw`
			`44:AUE_FTRUNCATE:ftruncate(2):fw`
			`45:AUE_FLOCK:flock(2):fm`
			`46:AUE_SHUTDOWN:shutdown(2):nt`
			`47:AUE_MKDIR:mkdir(2):fc`
			`48:AUE_RMDIR:rmdir(2):fd`
			`49:AUE_UTIMES:utimes(2):fm`
			`50:AUE_ADJTIME:adjtime(2):ad`
			`51:AUE_SETRLIMIT:setrlimit(2):pc`
			`52:AUE_KILLPG:killpg(2):pc`
			`53:AUE_NFS_SVC:nfs_svc(2):ad`
			`54:AUE_STATFS:statfs(2):fa`
			`55:AUE_FSTATFS:fstatfs(2):fa`
			`56:AUE_UNMOUNT:unmount(2):ad`
			`57:AUE_ASYNC_DAEMON:async_daemon(2):ad`
			`58:AUE_NFS_GETFH:nfs_getfh(2):ad`
			`59:AUE_SETDOMAINNAME:setdomainname(2):ad`
			`60:AUE_QUOTACTL:quotactl(2):ad`
			`61:AUE_EXPORTFS:exportfs(2):ad`
			`62:AUE_MOUNT:mount(2):ad`
			`63:AUE_SEMSYS:semsys(2):ip`
			`64:AUE_MSGSYS:msgsys(2):ip`
			`65:AUE_SHMSYS:shmsys(2):ip`
			`66:AUE_BSMSYS:bsmsys(2):ad`
			`67:AUE_RFSSYS:rfssys(2):ad`
			`68:AUE_FCHDIR:fchdir(2):pc`
			`69:AUE_FCHROOT:fchroot(2):pc`
			`70:AUE_VPIXSYS:vpixsys(2):no`
			`71:AUE_PATHCONF:pathconf(2):fa`
			`72:AUE_OPEN_R:open(2) - read:fr`
			`73:AUE_OPEN_RC:open(2) - read,creat:fc,fr,fa,fm`
			`74:AUE_OPEN_RT:open(2) - read,trunc:fd,fr,fa,fm`
			`75:AUE_OPEN_RTC:open(2) - read,creat,trunc:fc,fd,fr,fa,fm`
			`76:AUE_OPEN_W:open(2) - write:fw`
			`77:AUE_OPEN_WC:open(2) - write,creat:fc,fw,fa,fm`
			`78:AUE_OPEN_WT:open(2) - write,trunc:fd,fw,fa,fm`
			`79:AUE_OPEN_WTC:open(2) - write,creat,trunc:fc,fd,fw,fa,fm`
			`80:AUE_OPEN_RW:open(2) - read,write:fr,fw`
			`81:AUE_OPEN_RWC:open(2) - read,write,creat:fc,fw,fr,fa,fm`
			`82:AUE_OPEN_RWT:open(2) - read,write,trunc:fd,fr,fw,fa,fm`
			`83:AUE_OPEN_RWTC:open(2) - read,write,creat,trunc:fc,fd,fw,fr,fa,fm`
			`84:AUE_MSGCTL:msgctl(2) - illegal command:ip`
			`85:AUE_MSGCTL_RMID:msgctl(2) - IPC_RMID command:ip`
			`86:AUE_MSGCTL_SET:msgctl(2) - IPC_SET command:ip`
			`87:AUE_MSGCTL_STAT:msgctl(2) - IPC_STAT command:ip`
			`88:AUE_MSGGET:msgget(2):ip`
			`89:AUE_MSGRCV:msgrcv(2):ip`
			`90:AUE_MSGSND:msgsnd(2):ip`
			`91:AUE_SHMCTL:shmctl(2) - illegal command:ip`
			`92:AUE_SHMCTL_RMID:shmctl(2) - IPC_RMID command:ip`
			`93:AUE_SHMCTL_SET:shmctl(2) - IPC_SET command:ip`
			`94:AUE_SHMCTL_STAT:shmctl(2) - IPC_STAT command:ip`
			`95:AUE_SHMGET:shmget(2):ip`
			`96:AUE_SHMAT:shmat(2):ip`
			`97:AUE_SHMDT:shmdt(2):ip`
			`98:AUE_SEMCTL:semctl(2) - illegal command:ip`
			`99:AUE_SEMCTL_RMID:semctl(2) - IPC_RMID command:ip`
			`100:AUE_SEMCTL_SET:semctl(2) - IPC_SET command:ip`
			`101:AUE_SEMCTL_STAT:semctl(2) - IPC_STAT command:ip`
			`102:AUE_SEMCTL_GETNCNT:semctl(2) - GETNCNT command:ip`
			`103:AUE_SEMCTL_GETPID:semctl(2) - GETPID command:ip`
			`104:AUE_SEMCTL_GETVAL:semctl(2) - GETVAL command:ip`
			`105:AUE_SEMCTL_GETALL:semctl(2) - GETALL command:ip`
			`106:AUE_SEMCTL_GETZCNT:semctl(2) - GETZCNT command:ip`
			`107:AUE_SEMCTL_SETVAL:semctl(2) - SETVAL command:ip`
			`108:AUE_SEMCTL_SETALL:semctl(2) - SETALL command:ip`
			`109:AUE_SEMGET:semget(2):ip`
			`110:AUE_SEMOP:semop(2):ip`
			`111:AUE_CORE:process dumped core:fc`
			`112:AUE_CLOSE:close(2):cl`
			`113:AUE_SYSTEMBOOT:system booted:na`
			`114:AUE_ASYNC_DAEMON_EXIT:async_daemon(2) exited:ad`
			`115:AUE_NFSSVC_EXIT:nfssvc(2) exited:ad`
			`128:AUE_WRITEL:writel(2):fw`
			`129:AUE_WRITEVL:writevl(2):fw`
			`130:AUE_GETAUID:getauid(2):ad`
			`131:AUE_SETAUID:setauid(2):ad`
			`132:AUE_GETAUDIT:getaudit(2):ad`
			`133:AUE_SETAUDIT:setaudit(2):ad`
			`134:AUE_GETUSERAUDIT:getuseraudit(2):ad`
			`135:AUE_SETUSERAUDIT:setuseraudit(2):ad`
			`136:AUE_AUDITSVC:auditsvc(2):ad`
			`137:AUE_AUDITUSER:audituser(2):ad`
			`138:AUE_AUDITON:auditon(2):ad`
			`139:AUE_AUDITON_GTERMID:auditon(2) - GETTERMID command:ad`
			`140:AUE_AUDITON_STERMID:auditon(2) - SETTERMID command:ad`
			`141:AUE_AUDITON_GPOLICY:auditon(2) - GPOLICY command:ad`
			`142:AUE_AUDITON_SPOLICY:auditon(2) - SPOLICY command:ad`
			`143:AUE_AUDITON_GESTATE:auditon(2) - GESTATE command:ad`
			`144:AUE_AUDITON_SESTATE:auditon(2) - SESTATE command:ad`
			`145:AUE_AUDITON_GQCTRL:auditon(2) - GQCTRL command:ad`
			`146:AUE_AUDITON_SQCTRL:auditon(2) - SQCTRL command:ad`
			`147:AUE_GETKERNSTATE:getkernstate(2):ad`
			`148:AUE_SETKERNSTATE:setkernstate(2):ad`
			`149:AUE_GETPORTAUDIT:getportaudit(2):ad`
			`150:AUE_AUDITSTAT:auditstat(2):ad`
			`153:AUE_ENTERPROM:enter prom:ad`
			`154:AUE_EXITPROM:exit prom:ad`
			`158:AUE_IOCTL:ioctl(2):io`
			`173:AUE_ONESIDE:one-sided session record:nt`
			`174:AUE_MSGGETL:msggetl(2):ip`
			`175:AUE_MSGRCVL:msgrcvl(2):ip`
			`176:AUE_MSGSNDL:msgsndl(2):ip`
			`177:AUE_SEMGETL:semgetl(2):ip`
			`178:AUE_SHMGETL:shmgetl(2):ip`
			`183:AUE_SOCKET:socket(2):nt`
			`184:AUE_SENDTO:sendto(2):nt`
			`185:AUE_PIPE:pipe(2):ip`
			`186:AUE_SOCKETPAIR:socketpair(2):nt`
			`187:AUE_SEND:send(2):nt`
			`188:AUE_SENDMSG:sendmsg(2):nt`
			`189:AUE_RECV:recv(2):nt`
			`190:AUE_RECVMSG:recvmsg(2):nt`
			`191:AUE_RECVFROM:recvfrom(2):nt`
			`192:AUE_READ:read(2):no`
			`193:AUE_GETDENTS:getdents(2):no`
			`194:AUE_LSEEK:lseek(2):no`
			`195:AUE_WRITE:write(2):no`
			`196:AUE_WRITEV:writev(2):no`
			`197:AUE_NFS:nfs server:ad`
			`198:AUE_READV:readv(2):no`
			`199:AUE_OSTAT:old stat(2):fa`
			`200:AUE_SETUID:setuid(2):pc`
			`201:AUE_STIME:old stime(2):ad`
			`202:AUE_UTIME:old utime(2):fm`
			`203:AUE_NICE:old nice(2):pc`
			`204:AUE_OSETPGRP:old setpgrp(2):pc`
			`205:AUE_SETGID:setgid(2):pc`
			`206:AUE_READL:readl(2):no`
			`207:AUE_READVL:readvl(2):no`
			`209:AUE_DUP2:dup2(2):no`
			`210:AUE_MMAP:mmap(2):no`
			`211:AUE_AUDIT:audit(2):ot`
			`212:AUE_PRIOCNTLSYS:priocntlsys(2):pc`
			`213:AUE_MUNMAP:munmap(2):cl`
			`214:AUE_SETEGID:setegid(2):pc`
			`215:AUE_SETEUID:seteuid(2):pc`
			`216:AUE_PUTMSG:putmsg(2):nt`
			`217:AUE_GETMSG:getmsg(2):nt`
			`218:AUE_PUTPMSG:putpmsg(2):nt`
			`219:AUE_GETPMSG:getpmsg(2):nt`
			`220:AUE_AUDITSYS:audit system calls place holder:no`
			`221:AUE_AUDITON_GETKMASK:auditon(2) - get kernel mask:ad`
			`222:AUE_AUDITON_SETKMASK:auditon(2) - set kernel mask:ad`
			`223:AUE_AUDITON_GETCWD:auditon(2) - get cwd:ad`
			`224:AUE_AUDITON_GETCAR:auditon(2) - get car:ad`
			`225:AUE_AUDITON_GETSTAT:auditon(2) - get audit statistics:ad`
			`226:AUE_AUDITON_SETSTAT:auditon(2) - reset audit statistics:ad`
			`227:AUE_AUDITON_SETUMASK:auditon(2) - set mask per uid:ad`
			`228:AUE_AUDITON_SETSMASK:auditon(2) - set mask per session ID:ad`
			`229:AUE_AUDITON_GETCOND:auditon(2) - get audit state:ad`
			`230:AUE_AUDITON_SETCOND:auditon(2) - set audit state:ad`
			`231:AUE_AUDITON_GETCLASS:auditon(2) - get event class:ad`
			`232:AUE_AUDITON_SETCLASS:auditon(2) - set event class:ad`
			`233:AUE_UTSSYS:utssys(2) - fusers:ad`
			`234:AUE_STATVFS:statvfs(2):fa`
			`235:AUE_XSTAT:xstat(2):fa`
			`236:AUE_LXSTAT:lx6stat(2):fa`
			`237:AUE_LCHOWN:lchown(2):fm`
			`238:AUE_MEMCNTL:memcntl(2):ot`
			`239:AUE_SYSINFO:sysinfo(2):ad`
			`240:AUE_XMKNOD:xmknod(2):fc`
			`241:AUE_FORK1:fork1(2):pc`
			`242:AUE_MODCTL:modctl(2) system call place holder:no`
			`243:AUE_MODLOAD:modctl(2) - load module:ad`
			`244:AUE_MODUNLOAD:modctl(2) - unload module:ad`
			`245:AUE_MODCONFIG:modctl(2) - configure module:ad`
			`246:AUE_MODADDMAJ:modctl(2) - bind module:ad`
			`247:AUE_SOCKACCEPT:getmsg-accept:nt`
			`248:AUE_SOCKCONNECT:putmsg-connect:nt`
			`249:AUE_SOCKSEND:putmsg-send:nt`
			`250:AUE_SOCKRECEIVE:getmsg-receive:nt`
			`251:AUE_ACLSET:acl(2) - SETACL comand:fm`
			`252:AUE_FACLSET:facl(2) - SETACL command:fm`
			`253:AUE_DOORFS:doorfs(2) - system call place holder:no`
			`254:AUE_DOORFS_DOOR_CALL:doorfs(2) - DOOR_CALL:ip`
			`255:AUE_DOORFS_DOOR_RETURN:doorfs(2) - DOOR_RETURN:ip`
			`256:AUE_DOORFS_DOOR_CREATE:doorfs(2) - DOOR_CREATE:ip`
			`257:AUE_DOORFS_DOOR_REVOKE:doorfs(2) - DOOR_REVOKE:ip`
			`258:AUE_DOORFS_DOOR_INFO:doorfs(2) - DOOR_INFO:ip`
			`259:AUE_DOORFS_DOOR_CRED:doorfs(2) - DOOR_CRED:ip`
			`260:AUE_DOORFS_DOOR_BIND:doorfs(2) - DOOR_BIND:ip`
			`261:AUE_DOORFS_DOOR_UNBIND:doorfs(2) - DOOR_UNBIND:ip`
			`262:AUE_P_ONLINE:p_online(2):ad`
			`263:AUE_PROCESSOR_BIND:processor_bind(2):ad`
			`264:AUE_INST_SYNC:inst_sync(2):ad`
			`266:AUE_SETAUDIT_ADDR:setaudit_addr(2):ad`
			`267:AUE_GETAUDIT_ADDR:getaudit_addr(2):ad`
			`268:AUE_CLOCK_SETTIME:clock_settime(2):ad`
			`269:AUE_NTP_ADJTIME:ntp_adjtime(2):ad`
			`301:AUE_GETFSSTAT:getfsstat(2):fa`
			`302:AUE_PTRACE:ptrace(2):pc`
			`303:AUE_CHFLAGS:chflags(2):fm`
			`304:AUE_FCHFLAGS:fchflags(2):fm`
			`305:AUE_PROFILE:profil(2):pc`
			`306:AUE_KTRACE:ktrace(2):pc`
			`307:AUE_SETLOGIN:setlogin(2):pc`
			`308:AUE_DARWIN_REBOOT:reboot(2):ad`
			`309:AUE_REVOKE:revoke(2):cl`
			`310:AUE_UMASK:umask(2):pc`
			`311:AUE_MPROTECT:mprotect(2):fm`
			`312:AUE_DARWIN_SETPRIORITY:setpriority(2):pc,ot`
			`313:AUE_DARWIN_SETTIMEOFDAY:settimeofday(2):ad`
			`314:AUE_DARWIN_FLOCK:flock(2):fm`
			`315:AUE_MKFIFO:mkfifo(2):fc`
			`316:AUE_POLL:poll(2):no`
			`317:AUE_DARWIN_SOCKETPAIR:socketpair(2):nt`
			`318:AUE_FUTIMES:futimes(2):fm`
			`319:AUE_SETSID:setsid(2):pc`
			`320:AUE_SETPRIVEXEC:setprivexec(2):pc`
			`321:AUE_DARWIN_NFSSVC:nfssvc(2):ad`
			`322:AUE_DARWIN_GETFH:getfh(2):fa`
			`323:AUE_DARWIN_QUOTACTL:quotactl(2):ad`
			`324:AUE_ADDPROFILE:system call:pc`
			`325:AUE_KDEBUGTRACE:system call:pc`
			`326:AUE_FSTAT:fstat(2):fa`
			`327:AUE_FPATHCONF:fpathconf(2):fa`
			`328:AUE_GETDIRENTRIES:getdirentries(2):fr`
			`329:AUE_DARWIN_TRUNCATE:truncate(2):fw`
			`330:AUE_DARWIN_FTRUNCATE:ftruncate(2):fw`
			`331:AUE_SYSCTL:sysctl(3):ad`
			`332:AUE_MLOCK:mlock(2):pc`
			`333:AUE_MUNLOCK:munlock(2):pc`
			`334:AUE_UNDELETE:undelete(2):fm`
			`335:AUE_GETATTRLIST:getattrlist():fa`
			`336:AUE_SETATTRLIST:setattrlist():fm`
			`337:AUE_GETDIRENTRIESATTR:getdirentriesattr():fa`
			`338:AUE_EXCHANGEDATA:exchangedata():fw`
			`339:AUE_SEARCHFS:searchfs():fa`
			`340:AUE_MINHERIT:minherit(2):pc`
			`341:AUE_SEMCONFIG:semconfig():ip`
			`342:AUE_SEMOPEN:sem_open(2):ip`
			`343:AUE_SEMCLOSE:sem_close(2):ip`
			`344:AUE_SEMUNLINK:sem_unlink(2):ip`
			`345:AUE_SHMOPEN:shm_open(2):ip`
			`346:AUE_SHMUNLINK:shm_unlink(2):ip`
			`347:AUE_LOADSHFILE:load_shared_file():fr`
			`348:AUE_RESETSHFILE:reset_shared_file():ot`
			`349:AUE_NEWSYSTEMSHREG:new_system_share_regions():ot`
			`350:AUE_PTHREADKILL:pthread_kill(2):pc`
			`351:AUE_PTHREADSIGMASK:pthread_sigmask(2):pc`
			`352:AUE_AUDITCTL:auditctl(2):ad`
			`353:AUE_RFORK:rfork(2):pc`
			`354:AUE_LCHMOD:lchmod(2):fm`
			`355:AUE_SWAPOFF:swapoff():ad`
			`356:AUE_INITPROCESS:init_process():pc`
			`357:AUE_MAPFD:map_fd():fa`
			`358:AUE_TASKFORPID:task_for_pid():pc`
			`359:AUE_PIDFORTASK:pid_for_task():pc`
			`360:AUE_SYSCTL_NONADMIN:sysctl() - non-admin:ot`
			`361:AUE_COPYFILE:copyfile():fr,fw`
			`362:AUE_LUTIMES:lutimes(2):fm`
			`363:AUE_LCHFLAGS:lchflags(2):fm`
			`364:AUE_SENDFILE:sendfile(2):nt`
			`365:AUE_USELIB:uselib(2):fa`
			`366:AUE_GETRESUID:getresuid(2):pc`
			`367:AUE_SETRESUID:setresuid(2):pc`
			`368:AUE_GETRESGID:getresgid(2):pc`
			`369:AUE_SETRESGID:setresgid(2):pc`
			`370:AUE_WAIT4:wait4(2):pc`
			`371:AUE_LGETFH:lgetfh(2):fa`
			`372:AUE_FHSTATFS:fhstatfs(2):fa`
			`373:AUE_FHOPEN:fhopen(2):fa`
			`374:AUE_FHSTAT:fhstat(2):fa`
			`375:AUE_JAIL:jail(2):pc`
			`376:AUE_EACCESS:eaccess(2):fa`
			`377:AUE_KQUEUE:kqueue(2):no`
			`378:AUE_KEVENT:kevent(2):no`
			`379:AUE_FSYNC:fsync(2):fm`
			`380:AUE_NMOUNT:nmount(2):ad`
			`6152:AUE_login:login - local:lo`
			`6153:AUE_logout:logout - local:lo`
			`6159:AUE_su:su(1):lo`
			`6160:AUE_halt:system halt:ad`
			`6168:AUE_shutdown:system shutdown:ad`
			`6171:AUE_audit_startup:audit startup:ad`
			`6172:AUE_audit_shutdown:audit shutdown:ad`
			`6207:AUE_create_user:create user:ad`
			`6208:AUE_modify_user:modify user:ad`
			`6209:AUE_delete_user:delete user:ad`
			`6210:AUE_disable_user:disable user:ad`
			`6211:AUE_enable_user::ad`
			`6300:AUE_sudo:sudo(1):ad`
			`6501:AUE_modify_password:modify password:ad`
			`6511:AUE_create_group:create group:ad`
			`6512:AUE_delete_group:delete group:ad`
			`6513:AUE_modify_group:modify group:ad`
			`6514:AUE_add_to_group:add to group:ad`
			`6515:AUE_remove_from_group:remove from group:ad`
			`6521:AUE_revoke_obj:revoke object priv:fm`
			`6600:AUE_lw_login:loginwindow login:lo`
			`6601:AUE_lw_logout:loginwindow logout:lo`
			`7000:AUE_auth_user:user authentication:ad`
			`7001:AUE_ssconn:SecSrvr connection setup:ad`
			`7002:AUE_ssauthorize:SecSrvr AuthEngine:ad`
			`7003:AUE_ssauthint:SecSrvr authinternal mech:ad`
			`32800:AUE_openssh:OpenSSH login:lo`