> > How will this affect audit of chown(2), acl(2)? In particular when > > the audit trail file is processed on another system, or after a > > reboot? Will ephermeral uid's be stored in the audit trail file? > > How will praudit(1M), auditreduce(1M) be changed by this project? > > > > Gary.. > > This change doesn't change any syscalls. All it does is allow a user to > specify SIDs and then uses the idmap(1M) API to convert those to > ephemeral IDs.
Right and doesn't it store ephemeral IDs in the audit trail file? IIRC, ephemeral IDs were never supposed to survive reboots or be transfered to other systems. Audit trail files can be moved from the machine on which they were created; they can be processed after the system has been rebooted. How are ephemeral IDs processed in those environments? That is, "How will praudit(1M), auditreduce(1M) be changed by this project?" praudit translates user/group IDs to user/group names. auditreduce selects files based on fileowner and or filegroup. Gary..