| libbsm.3 (155131) | libbsm.3 (155364) |
|---|---|
| 1.\"- 2.\" Copyright (c) 2005-2006 Robert N. M. Watson 3.\" All rights reserved. 4.\" 5.\" Redistribution and use in source and binary forms, with or without 6.\" modification, are permitted provided that the following conditions 7.\" are met: 8.\" 1. Redistributions of source code must retain the above copyright --- 9 unchanged lines hidden (view full) --- 18.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 19.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 20.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 21.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 22.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 23.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 24.\" SUCH DAMAGE. 25.\" | 1.\"- 2.\" Copyright (c) 2005-2006 Robert N. M. Watson 3.\" All rights reserved. 4.\" 5.\" Redistribution and use in source and binary forms, with or without 6.\" modification, are permitted provided that the following conditions 7.\" are met: 8.\" 1. Redistributions of source code must retain the above copyright --- 9 unchanged lines hidden (view full) --- 18.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 19.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 20.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 21.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 22.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 23.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 24.\" SUCH DAMAGE. 25.\" |
| 26.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/libbsm.3#3 $ | 26.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/libbsm.3#4 $ |
| 27.\" 28.Dd April 19, 2005 29.Dt LIBBSM 3 30.Os 31.Sh NAME 32.Nm libbsm 33.Nd "Basic Security Module (BSM) Audit API" 34.Sh LIBRARY --- 8 unchanged lines hidden (view full) --- 43audit records and streams. 44.Sh INTERFACES 45.Nm 46provides a large number of Audit programming interfaces in several classes: 47event stream interfaces, class interfaces, control interfaces, event 48interfaces, I/O interfaces, mask interfaces, notification interfaces, token 49interfaces, and user interfaces. 50These are described respectively in the | 27.\" 28.Dd April 19, 2005 29.Dt LIBBSM 3 30.Os 31.Sh NAME 32.Nm libbsm 33.Nd "Basic Security Module (BSM) Audit API" 34.Sh LIBRARY --- 8 unchanged lines hidden (view full) --- 43audit records and streams. 44.Sh INTERFACES 45.Nm 46provides a large number of Audit programming interfaces in several classes: 47event stream interfaces, class interfaces, control interfaces, event 48interfaces, I/O interfaces, mask interfaces, notification interfaces, token 49interfaces, and user interfaces. 50These are described respectively in the |
| 51.Xr au_stream 3 , | |
| 52.Xr au_class 3 , 53.Xr au_control 3 , 54.Xr au_event 3 , 55.Xr au_mask 3 , 56.Xr au_notify 3 , | 51.Xr au_class 3 , 52.Xr au_control 3 , 53.Xr au_event 3 , 54.Xr au_mask 3 , 55.Xr au_notify 3 , |
| 56.Xr au_stream 3 , |
|
| 57.Xr au_token 3 , 58.Xr au_user 3 59man pages. 60.Ss Audit Event Stream Interfaces 61Audit event stream interfaces support interaction with file-backed audit 62event streams: | 57.Xr au_token 3 , 58.Xr au_user 3 59man pages. 60.Ss Audit Event Stream Interfaces 61Audit event stream interfaces support interaction with file-backed audit 62event streams: |
| 63.Xr au_close 3 . |
|
| 63.Xr au_free_token 3 , | 64.Xr au_free_token 3 , |
| 64.Xr au_free_token 3 , | |
| 65.Xr au_open 3 , 66.Xr au_write 3 , | 65.Xr au_open 3 , 66.Xr au_write 3 , |
| 67.Xr au_close 3 . | |
| 68.Ss Audit Class Interfaces 69Audit class interfaces support the look up of information from the 70.Xr audit_class 5 71database: | 67.Ss Audit Class Interfaces 68Audit class interfaces support the look up of information from the 69.Xr audit_class 5 70database: |
| 71.Xr endauclass 3 , |
|
| 72.Xr getauclassent 3 , 73.Xr getauclassent_r 3 , 74.Xr getauclassnam 3 , 75.Xr getauclassnam_r 3 , | 72.Xr getauclassent 3 , 73.Xr getauclassent_r 3 , 74.Xr getauclassnam 3 , 75.Xr getauclassnam_r 3 , |
| 76.Xr setauclass 3 , 77.Xr endauclass 3 . | 76.Xr setauclass 3 . |
| 78.Ss Audit Control Interfaces 79Audit control interfaces support the look up of information from the 80.Xr audit_control 5 81database: | 77.Ss Audit Control Interfaces 78Audit control interfaces support the look up of information from the 79.Xr audit_control 5 80database: |
| 82.Xr setac 3 , | |
| 83.Xr endac 3 , | 81.Xr endac 3 , |
| 82.Xr setac 3 , |
|
| 84.Xr getacdir 3 , | 83.Xr getacdir 3 , |
| 85.Xr getacmin 3 , | |
| 86.Xr getacflg 3 , | 84.Xr getacflg 3 , |
| 85.Xr getacmin 3 , |
|
| 87.Xr getacna 3 . 88.Ss Audit Event Interfaces 89Audit event interfaces support the look up of information from the 90.Xr audit_event 5 91database: | 86.Xr getacna 3 . 87.Ss Audit Event Interfaces 88Audit event interfaces support the look up of information from the 89.Xr audit_event 5 90database: |
| 92.Xr setauevent 3 , | |
| 93.Xr endauevent 3 , | 91.Xr endauevent 3 , |
| 92.Xr setauevent 3 , |
|
| 94.Xr getauevent 3 , 95.Xr getauevent_r 3 , 96.Xr getauevnam 3 , 97.Xr getauevnam_r 3 , | 93.Xr getauevent 3 , 94.Xr getauevent_r 3 , 95.Xr getauevnam 3 , 96.Xr getauevnam_r 3 , |
| 98.Xr getauevnum 3 , 99.Xr getauevnum_r 3 , | |
| 100.Xr getauevnonam 3 , 101.Xr getauevnonam_r 3 , | 97.Xr getauevnonam 3 , 98.Xr getauevnonam_r 3 , |
| 99.Xr getauevnum 3 , 100.Xr getauevnum_r 3 . |
|
| 102.Ss Audit I/O Interfaces 103Audit I/O interfaces support the processing and printing of tokens, as well 104as the reading of audit records: 105.Xr au_fetch_tok 3 , 106.Xr au_print_tok 3 , 107.Xr au_read_rec 3 . 108.Ss Audit Mask Interfaces 109Audit mask interfaces convert support the conversion between strings and 110.Vt au_mask_t 111values. 112They may also be used to determine if a particular audit event is matched 113by a mask: 114.Xr au_preselect 3 , 115.Xr getauditflagsbin 3 , 116.Xr getauditflagschar 3 . 117.Ss Audit Notification Interfaces 118Audit notification routines track audit state in a form permitting efficient 119update, avoiding frequent system calls to check the kernel audit state: | 101.Ss Audit I/O Interfaces 102Audit I/O interfaces support the processing and printing of tokens, as well 103as the reading of audit records: 104.Xr au_fetch_tok 3 , 105.Xr au_print_tok 3 , 106.Xr au_read_rec 3 . 107.Ss Audit Mask Interfaces 108Audit mask interfaces convert support the conversion between strings and 109.Vt au_mask_t 110values. 111They may also be used to determine if a particular audit event is matched 112by a mask: 113.Xr au_preselect 3 , 114.Xr getauditflagsbin 3 , 115.Xr getauditflagschar 3 . 116.Ss Audit Notification Interfaces 117Audit notification routines track audit state in a form permitting efficient 118update, avoiding frequent system calls to check the kernel audit state: |
| 119.Xr au_get_state 3 , |
|
| 120.Xr au_notify_initialize 3 , | 120.Xr au_notify_initialize 3 , |
| 121.Xr au_notify_terminate 3 , 122.Xr au_get_state 3 . | 121.Xr au_notify_terminate 3 . |
| 123These interfaces are implemented only for Darwin/Mac OS X. 124.Ss Audit Token Interface 125Audit token interfaces permit the creation of tokens for use in creating 126audit records for submission to event streams. 127Each interface converts a C type to its 128.Vt token_t 129representation. | 122These interfaces are implemented only for Darwin/Mac OS X. 123.Ss Audit Token Interface 124Audit token interfaces permit the creation of tokens for use in creating 125audit records for submission to event streams. 126Each interface converts a C type to its 127.Vt token_t 128representation. |
| 129.Xr au_to_arg 3 , |
|
| 130.Xr au_to_arg32 3 , 131.Xr au_to_arg64 3 , | 130.Xr au_to_arg32 3 , 131.Xr au_to_arg64 3 , |
| 132.Xr au_to_arg 3 , | |
| 133.Xr au_to_attr64 3 , 134.Xr au_to_data 3 , | 132.Xr au_to_attr64 3 , 133.Xr au_to_data 3 , |
| 134.Xr au_to_exec_args 3 , 135.Xr au_to_exec_env 3 , |
|
| 135.Xr au_to_exit 3 , | 136.Xr au_to_exit 3 , |
| 137.Xr au_to_file 3 , |
|
| 136.Xr au_to_groups 3 , | 138.Xr au_to_groups 3 , |
| 137.Xr au_to_newgroups 3 , | 139.Xr au_to_header32 3 , 140.Xr au_to_header64 3 , |
| 138.Xr au_to_in_addr 3 , 139.Xr au_to_in_addr_ex 3 , 140.Xr au_to_ip 3 , 141.Xr au_to_ipc 3 , 142.Xr au_to_ipc_perm 3 , 143.Xr au_to_iport 3 , | 141.Xr au_to_in_addr 3 , 142.Xr au_to_in_addr_ex 3 , 143.Xr au_to_ip 3 , 144.Xr au_to_ipc 3 , 145.Xr au_to_ipc_perm 3 , 146.Xr au_to_iport 3 , |
| 147.Xr au_to_me 3 , 148.Xr au_to_newgroups 3 , |
|
| 144.Xr au_to_opaque 3 , | 149.Xr au_to_opaque 3 , |
| 145.Xr au_to_file 3 , 146.Xr au_to_text 3 , | |
| 147.Xr au_to_path 3 , | 150.Xr au_to_path 3 , |
| 151.Xr au_to_process 3 , |
|
| 148.Xr au_to_process32 3 , 149.Xr au_to_process64 3 , | 152.Xr au_to_process32 3 , 153.Xr au_to_process64 3 , |
| 150.Xr au_to_process 3 , | 154.Xr au_to_process_ex 3 , |
| 151.Xr au_to_process32_ex 3 , 152.Xr au_to_process64_ex 3 , | 155.Xr au_to_process32_ex 3 , 156.Xr au_to_process64_ex 3 , |
| 153.Xr au_to_process_ex 3 , | 157.Xr au_to_return 3 , |
| 154.Xr au_to_return32 3 , 155.Xr au_to_return64 3 , | 158.Xr au_to_return32 3 , 159.Xr au_to_return64 3 , |
| 156.Xr au_to_return 3 , | |
| 157.Xr au_to_seq 3 , 158.Xr au_to_socket 3 , 159.Xr au_to_socket_ex_32 3 , 160.Xr au_to_socket_ex_128 3 , | 160.Xr au_to_seq 3 , 161.Xr au_to_socket 3 , 162.Xr au_to_socket_ex_32 3 , 163.Xr au_to_socket_ex_128 3 , |
| 164.Xr au_to_sock_inet 3 , |
|
| 161.Xr au_to_sock_inet32 3 , 162.Xr au_to_sock_inet128 3 , | 165.Xr au_to_sock_inet32 3 , 166.Xr au_to_sock_inet128 3 , |
| 163.Xr au_to_sock_inet 3 , | 167.Xr au_to_subject 3 , |
| 164.Xr au_to_subject32 3 , 165.Xr au_to_subject64 3 , | 168.Xr au_to_subject32 3 , 169.Xr au_to_subject64 3 , |
| 166.Xr au_to_subject 3 , | 170.Xr au_to_subject_ex 3 , |
| 167.Xr au_to_subject32_ex 3 , 168.Xr au_to_subject64_ex 3 , | 171.Xr au_to_subject32_ex 3 , 172.Xr au_to_subject64_ex 3 , |
| 169.Xr au_to_subject_ex 3 , 170.Xr au_to_me 3 , 171.Xr au_to_exec_args 3 , 172.Xr au_to_exec_env 3 , 173.Xr au_to_header32 3 , 174.Xr au_to_header64 3 , | 173.Xr au_to_text 3 , |
| 175.Xr au_to_trailer 3 . 176.Ss Audit User Interfaces 177Audit user interfaces support the look up of information from the 178.Xr audit_user 5 179database: | 174.Xr au_to_trailer 3 . 175.Ss Audit User Interfaces 176Audit user interfaces support the look up of information from the 177.Xr audit_user 5 178database: |
| 180.Xr setauuser 3 , | 179.Xr au_user_mask 3 , |
| 181.Xr endauuser 3 , | 180.Xr endauuser 3 , |
| 181.Xr setauuser 3 , |
|
| 182.Xr getauuserent 3 , 183.Xr getauuserent_r 3 , 184.Xr getauusernam 3 , 185.Xr getauusernam_r 3 , | 182.Xr getauuserent 3 , 183.Xr getauuserent_r 3 , 184.Xr getauusernam 3 , 185.Xr getauusernam_r 3 , |
| 186.Xr au_user_mask 3 , | |
| 187.Xr getfauditflags 3 . 188.Sh SEE ALSO 189.Xr au_class 3 , 190.Xr au_mask 3 , 191.Xr au_notify 3 , 192.Xr au_stream 3 , 193.Xr au_token 3 , 194.Xr au_user 3 , --- 26 unchanged lines hidden --- | 186.Xr getfauditflags 3 . 187.Sh SEE ALSO 188.Xr au_class 3 , 189.Xr au_mask 3 , 190.Xr au_notify 3 , 191.Xr au_stream 3 , 192.Xr au_token 3 , 193.Xr au_user 3 , --- 26 unchanged lines hidden --- |