1.\"-
2.\" Copyright (c) 2005-2006 Robert N. M. Watson
3.\" All rights reserved.
4.\"
5.\" Redistribution and use in source and binary forms, with or without
6.\" modification, are permitted provided that the following conditions
7.\" are met:
8.\" 1. Redistributions of source code must retain the above copyright
9.\" notice, this list of conditions and the following disclaimer.
10.\" 2. Redistributions in binary form must reproduce the above copyright
11.\" notice, this list of conditions and the following disclaimer in the
12.\" documentation and/or other materials provided with the distribution.
13.\"
14.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
15.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
16.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
17.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
18.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
19.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
20.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
21.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
22.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
23.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
24.\" SUCH DAMAGE.
25.\"
| 1.\"-
2.\" Copyright (c) 2005-2006 Robert N. M. Watson
3.\" All rights reserved.
4.\"
5.\" Redistribution and use in source and binary forms, with or without
6.\" modification, are permitted provided that the following conditions
7.\" are met:
8.\" 1. Redistributions of source code must retain the above copyright
9.\" notice, this list of conditions and the following disclaimer.
10.\" 2. Redistributions in binary form must reproduce the above copyright
11.\" notice, this list of conditions and the following disclaimer in the
12.\" documentation and/or other materials provided with the distribution.
13.\"
14.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
15.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
16.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
17.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
18.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
19.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
20.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
21.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
22.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
23.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
24.\" SUCH DAMAGE.
25.\"
|
26.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/au_control.3#9 $
| 26.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/au_control.3#10 $
|
27.\"
28.Dd April 19, 2005
29.Dt AU_CONTROL 3
30.Os
31.Sh NAME
32.Nm setac ,
33.Nm endac ,
34.Nm getacdir ,
35.Nm getacmin ,
| 27.\"
28.Dd April 19, 2005
29.Dt AU_CONTROL 3
30.Os
31.Sh NAME
32.Nm setac ,
33.Nm endac ,
34.Nm getacdir ,
35.Nm getacmin ,
|
| 36.Nm getacexpire ,
|
36.Nm getacfilesz ,
37.Nm getacflg ,
38.Nm getacna ,
39.Nm getacpol ,
40.Nm au_poltostr ,
41.Nm au_strtopol
42.Nd "look up information from the audit_control database"
43.Sh LIBRARY
44.Lb libbsm
45.Sh SYNOPSIS
46.In bsm/libbsm.h
47.Ft void
48.Fn setac void
49.Ft void
50.Fn endac void
51.Ft int
52.Fn getacdir "char *name" "int len"
53.Ft int
54.Fn getacmin "int *min_val"
55.Ft int
| 37.Nm getacfilesz ,
38.Nm getacflg ,
39.Nm getacna ,
40.Nm getacpol ,
41.Nm au_poltostr ,
42.Nm au_strtopol
43.Nd "look up information from the audit_control database"
44.Sh LIBRARY
45.Lb libbsm
46.Sh SYNOPSIS
47.In bsm/libbsm.h
48.Ft void
49.Fn setac void
50.Ft void
51.Fn endac void
52.Ft int
53.Fn getacdir "char *name" "int len"
54.Ft int
55.Fn getacmin "int *min_val"
56.Ft int
|
| 57.Fn getacexpire "int *andflg, time_t *age, size_t *size"
58.Ft int
|
56.Fn getacfilesz "size_t *size_val"
57.Ft int
58.Fn getacflg "char *auditstr" "int len"
59.Ft int
60.Fn getacna "char *auditstr" "int len"
61.Ft int
62.Fn getacpol "char *auditstr" "size_t len"
63.Ft ssize_t
64.Fn au_poltostr "long policy" "size_t maxsize" "char *buf"
65.Ft int
66.Fn au_strtopol "const char *polstr" "long *policy"
67.Sh DESCRIPTION
68These interfaces may be used to look up information from the
69.Xr audit_control 5
70database, which contains various audit-related administrative parameters.
71.Pp
72The
73.Fn setac
74function
75resets the database iterator to the beginning of the database; see the
76.Sx BUGS
77section for more information.
78.Pp
79The
80.Fn endac
81function
82closes the
83.Xr audit_control 5
84database.
85.Pp
86The
87.Fn getacdir
88function
89returns the name of the directory where log data is stored via the passed
90character buffer
91.Fa name
92of length
93.Fa len .
94.Pp
95The
96.Fn getacmin
97function
98returns the minimum free disk space for the audit log target file system via
99the passed
100.Fa min_val
101variable.
102.Pp
103The
| 59.Fn getacfilesz "size_t *size_val"
60.Ft int
61.Fn getacflg "char *auditstr" "int len"
62.Ft int
63.Fn getacna "char *auditstr" "int len"
64.Ft int
65.Fn getacpol "char *auditstr" "size_t len"
66.Ft ssize_t
67.Fn au_poltostr "long policy" "size_t maxsize" "char *buf"
68.Ft int
69.Fn au_strtopol "const char *polstr" "long *policy"
70.Sh DESCRIPTION
71These interfaces may be used to look up information from the
72.Xr audit_control 5
73database, which contains various audit-related administrative parameters.
74.Pp
75The
76.Fn setac
77function
78resets the database iterator to the beginning of the database; see the
79.Sx BUGS
80section for more information.
81.Pp
82The
83.Fn endac
84function
85closes the
86.Xr audit_control 5
87database.
88.Pp
89The
90.Fn getacdir
91function
92returns the name of the directory where log data is stored via the passed
93character buffer
94.Fa name
95of length
96.Fa len .
97.Pp
98The
99.Fn getacmin
100function
101returns the minimum free disk space for the audit log target file system via
102the passed
103.Fa min_val
104variable.
105.Pp
106The
|
| 107.Fn getacexpire
108function
109returns the audit trail file expiration parameters in the passed
110.Vt int
111buffer
112.Fa andflg ,
113.Vt time_t
114buffer
115.Fa age
116and
117.Vt size_t
118buffer
119.Fa size .
120If the parameter is not specified in the
121.Xr audit_control 5
122file it is set to zero.
123.Pp
124The
|
104.Fn getacfilesz
105function
106returns the audit trail rotation size in the passed
107.Vt size_t
108buffer
109.Fa size_val .
110.Pp
111The
112.Fn getacflg
113function
114returns the audit system flags via the the passed character buffer
115.Fa auditstr
116of length
117.Fa len .
118.Pp
119The
120.Fn getacna
121function
122returns the non-attributable flags via the passed character buffer
123.Fa auditstr
124of length
125.Fa len .
126.Pp
127The
128.Fn getacpol
129function
130returns the audit policy flags via the passed character buffer
131.Fa auditstr
132of length
133.Fa len .
134.Pp
135The
136.Fn au_poltostr
137function
138converts a numeric audit policy mask,
139.Fa policy ,
140to a string in the passed character buffer
141.Fa buf
142of lenth
143.Fa maxsize .
144.Pp
145The
146.Fn au_strtopol
147function
148converts an audit policy flags string,
149.Fa polstr ,
150to a numeric audit policy mask returned via
151.Fa policy .
152.Sh RETURN VALULES
153The
154.Fn getacdir ,
155.Fn getacmin ,
| 125.Fn getacfilesz
126function
127returns the audit trail rotation size in the passed
128.Vt size_t
129buffer
130.Fa size_val .
131.Pp
132The
133.Fn getacflg
134function
135returns the audit system flags via the the passed character buffer
136.Fa auditstr
137of length
138.Fa len .
139.Pp
140The
141.Fn getacna
142function
143returns the non-attributable flags via the passed character buffer
144.Fa auditstr
145of length
146.Fa len .
147.Pp
148The
149.Fn getacpol
150function
151returns the audit policy flags via the passed character buffer
152.Fa auditstr
153of length
154.Fa len .
155.Pp
156The
157.Fn au_poltostr
158function
159converts a numeric audit policy mask,
160.Fa policy ,
161to a string in the passed character buffer
162.Fa buf
163of lenth
164.Fa maxsize .
165.Pp
166The
167.Fn au_strtopol
168function
169converts an audit policy flags string,
170.Fa polstr ,
171to a numeric audit policy mask returned via
172.Fa policy .
173.Sh RETURN VALULES
174The
175.Fn getacdir ,
176.Fn getacmin ,
|
| 177.Fn getacexpire ,
|
156.Fn getacflg ,
157.Fn getacna ,
158.Fn getacpol ,
159and
160.Fn au_strtopol
161functions
162return 0 on success, or a negative value on failure, along with error
163information in
164.Va errno .
165.Pp
166The
167.Fn au_poltostr
168function
169returns a string length of 0 or more on success, or a negative value on
170if there is a failure.
171.Pp
172Functions that return a string value will return a failure if there is
173insufficient room in the passed character buffer for the full string.
174.Sh SEE ALSO
175.Xr libbsm 3 ,
176.Xr audit_control 5
177.Sh HISTORY
178The OpenBSM implementation was created by McAfee Research, the security
179division of McAfee Inc., under contract to Apple Computer, Inc., in 2004.
180It was subsequently adopted by the TrustedBSD Project as the foundation for
181the OpenBSM distribution.
182.Sh AUTHORS
183.An -nosplit
184This software was created by
185.An Robert Watson ,
186.An Wayne Salamon ,
187and
188.An Suresh Krishnaswamy
189for McAfee Research, the security research division of McAfee,
190Inc., under contract to Apple Computer, Inc.
191.Pp
192The Basic Security Module (BSM) interface to audit records and audit event
193stream format were defined by Sun Microsystems.
194.Sh BUGS
195These routines cannot currently distinguish between an entry not being found
196and an error accessing the database.
197The implementation should be changed to return an error via
198.Va errno
199when
200.Dv NULL
201is returned.
202.Sh BUGS
203There is no reason for the
204.Fn setac
205interface to be exposed as part of the public API, as it is called implicitly
206by other access functions and iteration is not supported.
207.Pp
208These interfaces inconsistently return various negative values depending on
209the failure mode, and do not always set
210.Va errno
211on failure.
| 178.Fn getacflg ,
179.Fn getacna ,
180.Fn getacpol ,
181and
182.Fn au_strtopol
183functions
184return 0 on success, or a negative value on failure, along with error
185information in
186.Va errno .
187.Pp
188The
189.Fn au_poltostr
190function
191returns a string length of 0 or more on success, or a negative value on
192if there is a failure.
193.Pp
194Functions that return a string value will return a failure if there is
195insufficient room in the passed character buffer for the full string.
196.Sh SEE ALSO
197.Xr libbsm 3 ,
198.Xr audit_control 5
199.Sh HISTORY
200The OpenBSM implementation was created by McAfee Research, the security
201division of McAfee Inc., under contract to Apple Computer, Inc., in 2004.
202It was subsequently adopted by the TrustedBSD Project as the foundation for
203the OpenBSM distribution.
204.Sh AUTHORS
205.An -nosplit
206This software was created by
207.An Robert Watson ,
208.An Wayne Salamon ,
209and
210.An Suresh Krishnaswamy
211for McAfee Research, the security research division of McAfee,
212Inc., under contract to Apple Computer, Inc.
213.Pp
214The Basic Security Module (BSM) interface to audit records and audit event
215stream format were defined by Sun Microsystems.
216.Sh BUGS
217These routines cannot currently distinguish between an entry not being found
218and an error accessing the database.
219The implementation should be changed to return an error via
220.Va errno
221when
222.Dv NULL
223is returned.
224.Sh BUGS
225There is no reason for the
226.Fn setac
227interface to be exposed as part of the public API, as it is called implicitly
228by other access functions and iteration is not supported.
229.Pp
230These interfaces inconsistently return various negative values depending on
231the failure mode, and do not always set
232.Va errno
233on failure.
|