1AUDIT_LOG_ACCT_MESSAGE(3) Linux Audit API AUDIT_LOG_ACCT_MESSAGE(3)
2
6 audit_log_acct_message - log a user account message
7
9 #include <libaudit.h>
10 int audit_log_acct_message(int audit_fd, int type, const char *pgname,
12 const char *op, const char *name, unsigned int id, const char *host,
13 const char *addr, const char *tty, int result)
14
17 This function will log a message to the audit system using a predefined
18 message format. It should be used for all account manipulation opera‐
19 tions. The function parameters are as follows:
20 audit_fd - The fd returned by audit_open
23 type - type of message: AUDIT_USER_CHAUTHTOK for changing any
25 account attributes.
26 pgname - program's name, if NULL will attempt to figure out
28 op - operation. Ex: "adding-user", "changing-finger-info",
30 "deleting-group". This value should have a dash or underscore
31 between the words so that report parsers group them together.
32 name - user's account or group name. If not available use NULL.
34 id - uid or gid that the operation is being performed on. If
36 the user is unknown, pass a -1 and fill in the name parameter.
37 This is used only when user is NULL.
38 host - The hostname if known. If not available pass a NULL.
40 addr - The network address of the user. If not available pass a
42 NULL.
43 tty - The tty of the user, if NULL will attempt to figure out
45 result - 1 is "success" and 0 is "failed"
47
50 It returns the sequence number which is > 0 on success or <= 0 on
51 error.
52
55 This function returns -1 on failure. Examine errno for more info.
56
59 audit_log_user_message(3), audit_log_user_comm_message(3),
60 audit_log_user_avc_message(3), audit_log_semanage_message(3).
61
64 Steve Grubb
65Red Hat Nov 2015 AUDIT_LOG_ACCT_MESSAGE(3)