1getfauditflags(3BSM)Security and Auditing Library Functionsgetfauditflags(3BSM)
2
3
4
6 getfauditflags - generate process audit state
7
9 cc [ flag... ] file... -lbsm -lsocket -lnsl [ library... ]
10 #include <sys/param.h>
11 #include <bsm/libbsm.h>
12
13 int getfauditflags(au_mask_t *usremasks, au_mask_t *usrdmasks,
14 au_mask_t *lastmasks);
15
16
18 The getfauditflags() function generates a process audit state by com‐
19 bining the audit masks passed as parameters with the system audit
20 masks specified in the audit_control(4) file. The getfauditflags()
21 function obtains the system audit value by calling getacflg() (see
22 getacinfo(3BSM)).
23
24
25 The usremasks argument points to au_mask_t fields that contains two
26 values. The first value defines which events are always to be audited
27 when they succeed. The second value defines which events are always to
28 be audited when they fail.
29
30
31 The usrdmasks argument points to au_mask_t fields that contains two
32 values. The first value defines which events are never to be audited
33 when they succeed. The second value defines which events are never to
34 be audited when they fail.
35
36
37 The structures pointed to by usremasks and usrdmasks can be obtained
38 from the audit_user(4) file by calling getauusernam(3BSM), which
39 returns a pointer to a strucure containing all audit_user(4) fields for
40 a user.
41
42
43 The output of this function is stored in lastmasks, a pointer of type
44 au_mask_t as well. The first value defines which events are to be
45 audited when they succeed and the second defines which events are to be
46 audited when they fail.
47
48
49 Both usremasks and usrdmasks override the values in the system audit
50 values.
51
53 Upon successful completion, getfauditflags() returns 0. Otherwise it
54 returns −1.
55
57 See attributes(5) for descriptions of the following attributes:
58
59
60
61
62 ┌─────────────────────────────┬─────────────────────────────┐
63 │ ATTRIBUTE TYPE │ ATTRIBUTE VALUE │
64 ├─────────────────────────────┼─────────────────────────────┤
65 │MT-Level │MT-Safe │
66 └─────────────────────────────┴─────────────────────────────┘
67
69 bsmconv(1M), getacinfo(3BSM), getauditflags(3BSM), getauusernam(3BSM),
70 audit.log(4), audit_control(4), audit_user(4), attributes(5)
71
73 The functionality described on this manual page is available only if
74 the Solaris Auditing has been enabled. See bsmconv(1M) for more infor‐
75 mation.
76
77
78
79SunOS 5.11 31 Mar 2005 getfauditflags(3BSM)