1au_user_mask(3BSM) Security and Auditing Library Functions au_user_mask(3BSM)
2
3
4
6 au_user_mask - get user's binary preselection mask
7
9 cc [ flag... ] file... -lbsm -lsocket -lnsl [ library... ]
10 #include <bsm/libbsm.h>
11
12 int au_user_mask(char *username, au_mask_t *mask_p);
13
14
16 The au_user_mask() function reads the default, system wide audit
17 classes from audit_control(4), combines them with the per-user audit
18 classes from the audit_user(4) database, and updates the binary prese‐
19 lection mask pointed to by mask_p with the combined value.
20
21
22 The audit flags in the flags field of the audit_control(4) database and
23 the always-audit-flags and never-audit-flags from the audit_user(4)
24 database represent binary audit classes. These fields are combined by
25 au_preselect(3BSM) as follows:
26
27
28 mask = ( flags + always-audit-flags) − never-audit-flags
29
30
31 The au_user_mask() function fails only if both the both the audit_con‐
32 trol(4) and the audit_user(4) database entries could not be retrieved.
33 This allows for flexible configurations.
34
36 Upon successful completion, au_user_mask() returns 0. It fails and
37 returns −1 if both the audit_control(4) and the audit_user(4) data‐
38 base entries could not be retrieved.
39
41 /etc/security/audit_control
42
43 file containing default parameters read by the audit daemon,
44 auditd(1M)
45
46
47 /etc/security/audit_user
48
49 file that stores per-user audit event mask
50
51
53 See attributes(5) for descriptions of the following attributes:
54
55
56
57
58 ┌─────────────────────────────┬─────────────────────────────┐
59 │ ATTRIBUTE TYPE │ ATTRIBUTE VALUE │
60 ├─────────────────────────────┼─────────────────────────────┤
61 │Interface Stability │Stable │
62 ├─────────────────────────────┼─────────────────────────────┤
63 │MT-Level │MT-Safe │
64 └─────────────────────────────┴─────────────────────────────┘
65
67 login(1), bsmconv(1M), getaudit(2), setaudit(2), au_preselect(3BSM),
68 getacinfo(3BSM), getauusernam(3BSM), audit_control(4), audit_user(4),
69 attributes(5)
70
72 The au_user_mask() function should be called by programs like login(1)
73 which set a process's preselection mask with setaudit(2). getaudit(2)
74 should be used to obtain audit characteristics for the current process.
75
76
77 The functionality described on this manual page is available only if
78 the Solaris Auditing has been enabled. See bsmconv(1M) for more infor‐
79 mation.
80
81
82
83SunOS 5.11 31 Mar 2005 au_user_mask(3BSM)