| au_control.3 (162621) | au_control.3 (168777) |
|---|---|
| 1.\"- 2.\" Copyright (c) 2005-2006 Robert N. M. Watson 3.\" All rights reserved. 4.\" 5.\" Redistribution and use in source and binary forms, with or without 6.\" modification, are permitted provided that the following conditions 7.\" are met: 8.\" 1. Redistributions of source code must retain the above copyright 9.\" notice, this list of conditions and the following disclaimer. 10.\" 2. Redistributions in binary form must reproduce the above copyright 11.\" notice, this list of conditions and the following disclaimer in the 12.\" documentation and/or other materials provided with the distribution. | 1.\"- 2.\" Copyright (c) 2005-2006 Robert N. M. Watson 3.\" All rights reserved. 4.\" 5.\" Redistribution and use in source and binary forms, with or without 6.\" modification, are permitted provided that the following conditions 7.\" are met: 8.\" 1. Redistributions of source code must retain the above copyright 9.\" notice, this list of conditions and the following disclaimer. 10.\" 2. Redistributions in binary form must reproduce the above copyright 11.\" notice, this list of conditions and the following disclaimer in the 12.\" documentation and/or other materials provided with the distribution. |
| 13.\" | 13.\" |
| 14.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 15.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 16.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 17.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 18.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 19.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 20.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 21.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 22.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 23.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 24.\" SUCH DAMAGE. 25.\" | 14.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 15.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 16.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 17.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 18.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 19.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 20.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 21.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 22.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 23.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 24.\" SUCH DAMAGE. 25.\" |
| 26.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/au_control.3#5 $ | 26.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/au_control.3#8 $ |
| 27.\" 28.Dd April 19, 2005 29.Dt AU_CONTROL 3 30.Os 31.Sh NAME 32.Nm setac , 33.Nm endac , 34.Nm getacdir , 35.Nm getacmin , 36.Nm getacfilesz , 37.Nm getacflg , 38.Nm getacna , 39.Nm getacpol , | 27.\" 28.Dd April 19, 2005 29.Dt AU_CONTROL 3 30.Os 31.Sh NAME 32.Nm setac , 33.Nm endac , 34.Nm getacdir , 35.Nm getacmin , 36.Nm getacfilesz , 37.Nm getacflg , 38.Nm getacna , 39.Nm getacpol , |
| 40.Nm au_poltostr | 40.Nm au_poltostr , |
| 41.Nm au_strtopol | 41.Nm au_strtopol |
| 42.Nd "Look up information from the audit_control database" | 42.Nd "look up information from the audit_control database" |
| 43.Sh LIBRARY 44.Lb libbsm 45.Sh SYNOPSIS | 43.Sh LIBRARY 44.Lb libbsm 45.Sh SYNOPSIS |
| 46.In libbsm.h | 46.In bsm/libbsm.h |
| 47.Ft void | 47.Ft void |
| 48.Fn setac "void" | 48.Fn setac void |
| 49.Ft void | 49.Ft void |
| 50.Fn endac "void" | 50.Fn endac void |
| 51.Ft int 52.Fn getacdir "char *name" "int len" 53.Ft int 54.Fn getacmin "int *min_val" 55.Ft int 56.Fn getacfilesz "size_t *size_val" 57.Ft int 58.Fn getacflg "char *auditstr" "int len" --- 5 unchanged lines hidden (view full) --- 64.Fn au_poltostr "long policy" "size_t maxsize" "char *buf" 65.Ft int 66.Fn au_strtopol "const char *polstr" "long *policy" 67.Sh DESCRIPTION 68These interfaces may be used to look up information from the 69.Xr audit_control 5 70database, which contains various audit-related administrative parameters. 71.Pp | 51.Ft int 52.Fn getacdir "char *name" "int len" 53.Ft int 54.Fn getacmin "int *min_val" 55.Ft int 56.Fn getacfilesz "size_t *size_val" 57.Ft int 58.Fn getacflg "char *auditstr" "int len" --- 5 unchanged lines hidden (view full) --- 64.Fn au_poltostr "long policy" "size_t maxsize" "char *buf" 65.Ft int 66.Fn au_strtopol "const char *polstr" "long *policy" 67.Sh DESCRIPTION 68These interfaces may be used to look up information from the 69.Xr audit_control 5 70database, which contains various audit-related administrative parameters. 71.Pp |
| 72The |
|
| 72.Fn setac | 73.Fn setac |
| 74function |
|
| 73resets the database iterator to the beginning of the database; see the | 75resets the database iterator to the beginning of the database; see the |
| 74BUGS section for more information. | 76.Sx BUGS 77section for more information. |
| 75.Pp | 78.Pp |
| 79The |
|
| 76.Fn sendac | 80.Fn sendac |
| 81function |
|
| 77closes the 78.Xr audit_control 5 79database. 80.Pp | 82closes the 83.Xr audit_control 5 84database. 85.Pp |
| 86The |
|
| 81.Fn getacdir | 87.Fn getacdir |
| 88function |
|
| 82returns the name of the directory where log data is stored via the passed 83character buffer | 89returns the name of the directory where log data is stored via the passed 90character buffer |
| 84.Va name | 91.Fa name |
| 85of length | 92of length |
| 86.Va len . | 93.Fa len . |
| 87.Pp | 94.Pp |
| 95The |
|
| 88.Fn getacmin | 96.Fn getacmin |
| 97function |
|
| 89returns the minimum free disk space for the audit log target file system via 90the passed | 98returns the minimum free disk space for the audit log target file system via 99the passed |
| 91.Va min_val | 100.Fa min_val |
| 92variable. 93.Pp | 101variable. 102.Pp |
| 103The |
|
| 94.Fn getacfilesz | 104.Fn getacfilesz |
| 95returns the audit trail rotation size in the passed size_t buffer | 105function 106returns the audit trail rotation size in the passed 107.Vt size_t 108buffer |
| 96.Fa size_val . 97.Pp | 109.Fa size_val . 110.Pp |
| 111The |
|
| 98.Fn getacflg | 112.Fn getacflg |
| 113function |
|
| 99returns the audit system flags via the the passed character buffer | 114returns the audit system flags via the the passed character buffer |
| 100.Va auditstr | 115.Fa auditstr |
| 101of length | 116of length |
| 102.Va len . | 117.Fa len . |
| 103.Pp | 118.Pp |
| 119The |
|
| 104.Fn getacna | 120.Fn getacna |
| 121function |
|
| 105returns the non-attributable flags via the passed character buffer | 122returns the non-attributable flags via the passed character buffer |
| 106.Va auditstr | 123.Fa auditstr |
| 107of length | 124of length |
| 108.Va len . | 125.Fa len . |
| 109.Pp | 126.Pp |
| 127The |
|
| 110.Fn getacpol | 128.Fn getacpol |
| 129function |
|
| 111returns the audit policy flags via the passed character buffer | 130returns the audit policy flags via the passed character buffer |
| 112.Va auditstr | 131.Fa auditstr |
| 113of length | 132of length |
| 114.Va len . | 133.Fa len . |
| 115.Pp | 134.Pp |
| 135The |
|
| 116.Fn au_poltostr | 136.Fn au_poltostr |
| 137function |
|
| 117converts a numeric audit policy mask, | 138converts a numeric audit policy mask, |
| 118.Va policy , 119value to a string in the passed character buffer 120.Va buf | 139.Fa policy , 140to a string in the passed character buffer 141.Fa buf |
| 121of lenth | 142of lenth |
| 122.Va maxsize . | 143.Fa maxsize . |
| 123.Pp | 144.Pp |
| 145The |
|
| 124.Fn au_strtopol | 146.Fn au_strtopol |
| 147function |
|
| 125converts an audit policy flags string, | 148converts an audit policy flags string, |
| 126.Va polstr , | 149.Fa polstr , |
| 127to a numeric audit policy mask returned via | 150to a numeric audit policy mask returned via |
| 128.Va policy . | 151.Fa policy . |
| 129.Sh RETURN VALULES | 152.Sh RETURN VALULES |
| 153The |
|
| 130.Fn getacdir , 131.Fn getacmin , 132.Fn getacflg , 133.Fn getacna , 134.Fn getacpol , 135and 136.Fn au_strtopol | 154.Fn getacdir , 155.Fn getacmin , 156.Fn getacflg , 157.Fn getacna , 158.Fn getacpol , 159and 160.Fn au_strtopol |
| 161functions |
|
| 137return 0 on success, or a negative value on failure, along with error 138information in 139.Va errno . 140.Pp | 162return 0 on success, or a negative value on failure, along with error 163information in 164.Va errno . 165.Pp |
| 166The |
|
| 141.Fn au_poltostr | 167.Fn au_poltostr |
| 168function |
|
| 142returns a string length of 0 or more on success, or a negative value on 143if there is a failure. 144.Pp 145Functions that return a string value will return a failure if there is 146insufficient room in the passed character buffer for the full string. 147.Sh SEE ALSO 148.Xr libbsm 3 , 149.Xr audit_control 5 | 169returns a string length of 0 or more on success, or a negative value on 170if there is a failure. 171.Pp 172Functions that return a string value will return a failure if there is 173insufficient room in the passed character buffer for the full string. 174.Sh SEE ALSO 175.Xr libbsm 3 , 176.Xr audit_control 5 |
| 150.Sh AUTHORS 151This software was created by Robert Watson, Wayne Salamon, and Suresh 152Krishnaswamy for McAfee Research, the security research division of McAfee, 153Inc., under contract to Apple Computer, Inc. 154.Pp 155The Basic Security Module (BSM) interface to audit records and audit event 156stream format were defined by Sun Microsystems. | |
| 157.Sh HISTORY 158The OpenBSM implementation was created by McAfee Research, the security 159division of McAfee Inc., under contract to Apple Computer, Inc., in 2004. 160It was subsequently adopted by the TrustedBSD Project as the foundation for 161the OpenBSM distribution. | 177.Sh HISTORY 178The OpenBSM implementation was created by McAfee Research, the security 179division of McAfee Inc., under contract to Apple Computer, Inc., in 2004. 180It was subsequently adopted by the TrustedBSD Project as the foundation for 181the OpenBSM distribution. |
| 182.Sh AUTHORS 183.An -nosplit 184This software was created by 185.An Robert Watson , 186.An Wayne Salamon , 187and 188.An Suresh Krishnaswamy 189for McAfee Research, the security research division of McAfee, 190Inc., under contract to Apple Computer, Inc. 191.Pp 192The Basic Security Module (BSM) interface to audit records and audit event 193stream format were defined by Sun Microsystems. |
|
| 162.Sh BUGS 163These routines cannot currently distinguish between an entry not being found 164and an error accessing the database. 165The implementation should be changed to return an error via 166.Va errno 167when 168.Dv NULL 169is returned. 170.Sh BUGS 171There is no reason for the 172.Fn setac 173interface to be exposed as part of the public API, as it is called implicitly 174by other access functions and iteration is not supported. 175.Pp 176These interfaces inconsistently return various negative values depending on 177the failure mode, and do not always set 178.Va errno 179on failure. | 194.Sh BUGS 195These routines cannot currently distinguish between an entry not being found 196and an error accessing the database. 197The implementation should be changed to return an error via 198.Va errno 199when 200.Dv NULL 201is returned. 202.Sh BUGS 203There is no reason for the 204.Fn setac 205interface to be exposed as part of the public API, as it is called implicitly 206by other access functions and iteration is not supported. 207.Pp 208These interfaces inconsistently return various negative values depending on 209the failure mode, and do not always set 210.Va errno 211on failure. |