1getfauditflags(3BSM)Security and Auditing Library Functionsgetfauditflags(3BSM)
2
3
4

NAME

6       getfauditflags - generate process audit state
7

SYNOPSIS

9       cc [ flag... ] file... -lbsm   -lsocket   -lnsl  [ library... ]
10       #include <sys/param.h>
11       #include <bsm/libbsm.h>
12
13       int getfauditflags(au_mask_t *usremasks, au_mask_t *usrdmasks,
14            au_mask_t *lastmasks);
15
16

DESCRIPTION

18       The  getfauditflags()  function generates a process audit state by com‐
19       bining the audit masks  passed as  parameters  with  the  system  audit
20       masks  specified  in  the  audit_control(4)  file. The getfauditflags()
21       function obtains the system audit  value  by  calling  getacflg()  (see
22       getacinfo(3BSM)).
23
24
25       The  usremasks  argument  points  to au_mask_t fields that contains two
26       values. The first value defines which events are always to  be  audited
27       when  they succeed. The second value defines which events are always to
28       be audited when they fail.
29
30
31       The usrdmasks argument points to au_mask_t  fields  that  contains  two
32       values.   The  first value defines which events are never to be audited
33       when they succeed. The second value defines which events are  never  to
34       be audited when they fail.
35
36
37       The  structures  pointed  to by usremasks and usrdmasks can be obtained
38       from  the  audit_user(4)  file  by  calling  getauusernam(3BSM),  which
39       returns a pointer to a strucure containing all audit_user(4) fields for
40       a user.
41
42
43       The output of this function is stored in lastmasks, a pointer  of  type
44       au_mask_t  as  well.  The  first  value  defines which events are to be
45       audited when they succeed and the second defines which events are to be
46       audited when they fail.
47
48
49       Both  usremasks  and  usrdmasks override the values in the system audit
50       values.
51

RETURN VALUES

53       Upon successful completion, getfauditflags() returns  0.  Otherwise  it
54       returns −1.
55

ATTRIBUTES

57       See attributes(5) for descriptions of the following attributes:
58
59
60
61
62       ┌─────────────────────────────┬─────────────────────────────┐
63       │      ATTRIBUTE TYPE         │      ATTRIBUTE VALUE        │
64       ├─────────────────────────────┼─────────────────────────────┤
65       │MT-Level                     │MT-Safe                      │
66       └─────────────────────────────┴─────────────────────────────┘
67

SEE ALSO

69       bsmconv(1M),  getacinfo(3BSM), getauditflags(3BSM), getauusernam(3BSM),
70       audit.log(4), audit_control(4), audit_user(4), attributes(5)
71

NOTES

73       The functionality described on this manual page is  available  only  if
74       the Solaris Auditing has been enabled.  See bsmconv(1M) for more infor‐
75       mation.
76
77
78
79SunOS 5.11                        31 Mar 2005             getfauditflags(3BSM)