getacna(3bsm)

1getacinfo(3BSM)     Security and Auditing Library Functions    getacinfo(3BSM)
2
3
4

NAME

6       getacinfo,  getacdir,  getacflg,  getacmin, getacna, setac, endac - get
7       audit control file information
8

SYNOPSIS

10       cc [ flag... ] file... -lbsm  -lsocket   -lnsl   [ library... ]
11       #include <bsm/libbsm.h>
12
13       int getacdir( char *dir, int len);
14
15
16       int getacmin( int *min_val);
17
18
19       int getacflg( char *auditstring, int len);
20
21
22       int getacna( char *auditstring, int len);
23
24
25       void setac(void);
26
27
28       void endac(void);
29
30

DESCRIPTION

32       When first called, getacdir()  provides  information  about  the  first
33       audit  directory  in the audit_control file. Thereafter, it returns the
34       next directory in the file. Successive calls list all  the  directories
35       listed in audit_control(4) The len argument specifies the length of the
36       buffer dir. On return, dir points to the directory entry.
37
38
39       The getacmin() function reads the minimum value from the  audit_control
40       file  and returns the value in min_val. The minimum value specifies how
41       full the file system to which the audit files are being written can get
42       before the script audit_warn(1M) is invoked.
43
44
45       The   getacflg()  function  reads  the  system  audit  value  from  the
46       audit_control file and returns the value in auditstring. The len  argu‐
47       ment specifies the length of the buffer auditstring.
48
49
50       The  getacna()  function reads the system audit value for non-attribut‐
51       able audit events from the audit_control file and returns the value  in
52       auditstring. The len argument specifies the length of the buffer audit‐
53       string. Non-attributable events are events that cannot be attributed to
54       an  individual  user.  The  inetd(1M) utility and several other daemons
55       record non-attributable events.
56
57
58       The setac() function rewinds the audit_control file to  allow  repeated
59       searches.
60
61
62       The  endac()  function closes the audit_control file when processing is
63       complete.
64

FILES

66       /etc/security/audit_control
67
68           file containing  default  parameters  read  by  the  audit  daemon,
69           auditd(1M)
70
71

RETURN VALUES

73       The getacdir(), getacflg(), getacna(), and getacmin() functions return:
74
75       0        on success.
76
77
78       −2       on failure and set errno to indicate the error.
79
80
81
82       The getacmin() and getacflg() functions return:
83
84       1    on EOF.
85
86
87
88       The getacdir() function returns:
89
90       −1       on EOF.
91
92
93       2        if  the  directory  search  had  to  start  from the beginning
94                because one of the other functions was called between calls to
95                getacdir().
96
97
98
99       These functions return:
100
101       −3       if  the  directory  entry  format in the audit_control file is
102                incorrect.
103
104
105
106       The getacdir(), getacflg(), and getacna() functions return:
107
108       −3       if the input buffer is too short to accommodate the record.
109
110

ATTRIBUTES

112       See attributes(5) for descriptions of the following attributes:
113
114
115
116
117       ┌─────────────────────────────┬─────────────────────────────┐
118       │      ATTRIBUTE TYPE         │      ATTRIBUTE VALUE        │
119       ├─────────────────────────────┼─────────────────────────────┤
120       │MT-Level                     │Safe                         │
121       └─────────────────────────────┴─────────────────────────────┘
122

NOTES

127       The functionality described on this manual page is  available  only  if
128       the Solaris Auditing has been enabled.  See bsmconv(1M) for more infor‐
129       mation.
130
131
132
133SunOS 5.11                        31 Mar 2005                  getacinfo(3BSM)