setac, endac, getacdir, getacmin, getacfilesz, getacflg, getacna, getacpol, au_poltostr, au_strtopol - look up information from the audit_control database

CONTENTS

Library
Synopsis
Description
Return Valules
See Also
History
Authors
Bugs
Bugs

.Lb libbsm

.In bsm/libbsm.h void setac void void endac void int getacdir char *name int len int getacmin int *min_val int getacfilesz size_t *size_val int getacflg char *auditstr int len int getacna char *auditstr int len int getacpol char *auditstr size_t len ssize_t au_poltostr long policy size_t maxsize char *buf int au_strtopol const char *polstr long *policy

These interfaces may be used to look up information from the audit_control(5) database, which contains various audit-related administrative parameters.

The setac function resets the database iterator to the beginning of the database; see the BUGS section for more information.

The endac function closes the audit_control(5) database.

The getacdir function returns the name of the directory where log data is stored via the passed character buffer name of length len.

The getacmin function returns the minimum free disk space for the audit log target file system via the passed min_val variable.

The getacfilesz function returns the audit trail rotation size in the passed
.Vt size_t buffer size_val.

The getacflg function returns the audit system flags via the the passed character buffer auditstr of length len.

The getacna function returns the non-attributable flags via the passed character buffer auditstr of length len.

The getacpol function returns the audit policy flags via the passed character buffer auditstr of length len.

The au_poltostr function converts a numeric audit policy mask, policy, to a string in the passed character buffer buf of lenth maxsize.

The au_strtopol function converts an audit policy flags string, polstr, to a numeric audit policy mask returned via policy.

The getacdir, getacmin, getacflg, getacna, getacpol, and au_strtopol functions return 0 on success, or a negative value on failure, along with error information in errno.

The au_poltostr function returns a string length of 0 or more on success, or a negative value on if there is a failure.

Functions that return a string value will return a failure if there is insufficient room in the passed character buffer for the full string.

libbsm(3), audit_control(5)

The OpenBSM implementation was created by McAfee Research, the security division of McAfee Inc., under contract to Apple Computer, Inc., in 2004. It was subsequently adopted by the TrustedBSD Project as the foundation for the OpenBSM distribution.

.An -nosplit This software was created by
.An Robert Watson ,
.An Wayne Salamon , and
.An Suresh Krishnaswamy for McAfee Research, the security research division of McAfee, Inc., under contract to Apple Computer, Inc.

The Basic Security Module (BSM) interface to audit records and audit event stream format were defined by Sun Microsystems.

These routines cannot currently distinguish between an entry not being found and an error accessing the database. The implementation should be changed to return an error via errno when NULL is returned.

There is no reason for the setac interface to be exposed as part of the public API, as it is called implicitly by other access functions and iteration is not supported.

These interfaces inconsistently return various negative values depending on the failure mode, and do not always set errno on failure.

Search for    or go to Top of page |  Section 3 |  Main Index

Visit the GSP FreeBSD Man Page Interface.
Output converted with manServer 1.07.