1.\"- 2.\" Copyright (c) 2005-2006 Robert N. M. Watson 3.\" All rights reserved. 4.\" 5.\" Redistribution and use in source and binary forms, with or without 6.\" modification, are permitted provided that the following conditions 7.\" are met: 8.\" 1. Redistributions of source code must retain the above copyright 9.\" notice, this list of conditions and the following disclaimer. 10.\" 2. Redistributions in binary form must reproduce the above copyright 11.\" notice, this list of conditions and the following disclaimer in the 12.\" documentation and/or other materials provided with the distribution.
| 1.\"- 2.\" Copyright (c) 2005-2006 Robert N. M. Watson 3.\" All rights reserved. 4.\" 5.\" Redistribution and use in source and binary forms, with or without 6.\" modification, are permitted provided that the following conditions 7.\" are met: 8.\" 1. Redistributions of source code must retain the above copyright 9.\" notice, this list of conditions and the following disclaimer. 10.\" 2. Redistributions in binary form must reproduce the above copyright 11.\" notice, this list of conditions and the following disclaimer in the 12.\" documentation and/or other materials provided with the distribution.
|
13.\"
| 13.\"
|
14.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 15.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 16.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 17.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 18.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 19.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 20.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 21.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 22.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 23.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 24.\" SUCH DAMAGE. 25.\"
| 14.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 15.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 16.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 17.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 18.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 19.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 20.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 21.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 22.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 23.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 24.\" SUCH DAMAGE. 25.\"
|
26.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/au_user.3#4 $
| 26.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/au_user.3#10 $
|
27.\" 28.Dd April 19, 2005 29.Dt AU_USER 3 30.Os 31.Sh NAME 32.Nm setauuser , 33.Nm endauuser , 34.Nm getauuserent , 35.Nm getauuserent_r , 36.Nm getauusernam , 37.Nm getauusernam_r , 38.Nm au_user_mask , 39.Nm getfauditflags
| 27.\" 28.Dd April 19, 2005 29.Dt AU_USER 3 30.Os 31.Sh NAME 32.Nm setauuser , 33.Nm endauuser , 34.Nm getauuserent , 35.Nm getauuserent_r , 36.Nm getauusernam , 37.Nm getauusernam_r , 38.Nm au_user_mask , 39.Nm getfauditflags
|
40.Nd "Look up information from the audit_user database"
| 40.Nd "look up information from the audit_user database"
|
41.Sh LIBRARY 42.Lb libbsm 43.Sh SYNOPSIS
| 41.Sh LIBRARY 42.Lb libbsm 43.Sh SYNOPSIS
|
44.In libbsm.h
| 44.In bsm/libbsm.h
|
45.Ft void
| 45.Ft void
|
46.Fn setauuser "void"
| 46.Fn setauuser void
|
47.Ft void
| 47.Ft void
|
48.Fn endauuser "void" 49.Ft struct au_user_ent * 50.Fn getauuserent "void" 51.Ft struct au_user_ent * 52.Fn getauuserent_r "struct au_user_ent *u" "void" 53.Ft struct au_user_ent *
| 48.Fn endauuser void 49.Ft "struct au_user_ent *" 50.Fn getauuserent void 51.Ft "struct au_user_ent *" 52.Fn getauuserent_r "struct au_user_ent *u" 53.Ft "struct au_user_ent *"
|
54.Fn getauusernam "const char *name"
| 54.Fn getauusernam "const char *name"
|
55.Ft struct au_user_ent *
| 55.Ft "struct au_user_ent *"
|
56.Fn getauusernam_r "struct au_user_ent *u" "const char *name" 57.Ft int 58.Fn au_user_mask "char *username" "au_mask_t *mask_p" 59.Ft int
| 56.Fn getauusernam_r "struct au_user_ent *u" "const char *name" 57.Ft int 58.Fn au_user_mask "char *username" "au_mask_t *mask_p" 59.Ft int
|
60.Fn getfauditflags "au_mask_t *usremask" "au_mask_t *usrdmask" "au_mask_t *lastmask"
| 60.Fo getfauditflags 61.Fa "au_mask_t *usremask" "au_mask_t *usrdmask" "au_mask_t *lastmask" 62.Fc
|
61.Sh DESCRIPTION 62These interfaces may be used to look up information from the 63.Xr audit_user 5 64database, which describes per-user audit configuration. 65Audit user entries are described by a 66.Vt au_user_ent , 67which stores the user's name in
| 63.Sh DESCRIPTION 64These interfaces may be used to look up information from the 65.Xr audit_user 5 66database, which describes per-user audit configuration. 67Audit user entries are described by a 68.Vt au_user_ent , 69which stores the user's name in
|
68.Dv au_name ,
| 70.Va au_name ,
|
69events to always audit in
| 71events to always audit in
|
70.Dv au_always ,
| 72.Va au_always ,
|
71and events never to audit
| 73and events never to audit
|
72.Dv au_never .
| 74.Va au_never .
|
73.Pp
| 75.Pp
|
| 76The
|
74.Fn getauuserent
| 77.Fn getauuserent
|
| 78function
|
75returns the next user found in the 76.Xr audit_user 5 77database, or the first if the function has not yet been called. 78.Dv NULL 79will be returned if no further records are available. 80.Pp
| 79returns the next user found in the 80.Xr audit_user 5 81database, or the first if the function has not yet been called. 82.Dv NULL 83will be returned if no further records are available. 84.Pp
|
| 85The
|
81.Fn getauusernam
| 86.Fn getauusernam
|
| 87function
|
82looks up a user by name. 83.Dv NULL 84will be returned if no matching class can be found. 85.Pp
| 88looks up a user by name. 89.Dv NULL 90will be returned if no matching class can be found. 91.Pp
|
| 92The
|
86.Fn setauuser
| 93.Fn setauuser
|
| 94function
|
87resets the iterator through the 88.Xr audit_user 5 89database, causing the next call to 90.Fn getauuserent 91to start again from the beginning of the file. 92.Pp
| 95resets the iterator through the 96.Xr audit_user 5 97database, causing the next call to 98.Fn getauuserent 99to start again from the beginning of the file. 100.Pp
|
| 101The
|
93.Fn endauuser
| 102.Fn endauuser
|
| 103function
|
94closes the 95.Xr audit_user 5 96database, if open. 97.Pp
| 104closes the 105.Xr audit_user 5 106database, if open. 107.Pp
|
98.Nm au_user_mask
| 108The 109.Fn au_user_mask 110function
|
99calculates a new session audit mask to be returned via
| 111calculates a new session audit mask to be returned via
|
100.Dv mask_p
| 112.Fa mask_p
|
101for the user identified by
| 113for the user identified by
|
102.Dv username .
| 114.Fa username .
|
103If the user audit configuration is not found, the default system audit 104properties returned by
| 115If the user audit configuration is not found, the default system audit 116properties returned by
|
105.Xr getacflg 3 .
| 117.Xr getacflg 3 118are used.
|
106The resulting mask may be set via a call to
| 119The resulting mask may be set via a call to
|
107.Xr setaudit 3
| 120.Xr setaudit 2
|
108or related variants. 109.Pp
| 121or related variants. 122.Pp
|
110.Nm getfauditflags 111XXXXXXXXXXXXXXXXX
| 123The 124.Fn getfauditflags 125function generates a new process audit state by combining the audit masks 126passed as parameters with the system audit masks.
|
112.Sh SEE ALSO
| 127.Sh SEE ALSO
|
113.Xr libbsm 3 ,
| 128.Xr setaudit 2 ,
|
114.Xr getacflg 3 ,
| 129.Xr getacflg 3 ,
|
115.Xr setaudit 3 ,
| 130.Xr libbsm 3 ,
|
116.Xr audit_user 5
| 131.Xr audit_user 5
|
117.Sh AUTHORS 118This software was created by Robert Watson, Wayne Salamon, and Suresh 119Krishnaswamy for McAfee Research, the security research division of McAfee, 120Inc., under contract to Apple Computer, Inc. 121.Pp 122The Basic Security Module (BSM) interface to audit records and audit event 123stream format were defined by Sun Microsystems.
| |
124.Sh HISTORY 125The OpenBSM implementation was created by McAfee Research, the security 126division of McAfee Inc., under contract to Apple Computer, Inc., in 2004. 127It was subsequently adopted by the TrustedBSD Project as the foundation for 128the OpenBSM distribution.
| 132.Sh HISTORY 133The OpenBSM implementation was created by McAfee Research, the security 134division of McAfee Inc., under contract to Apple Computer, Inc., in 2004. 135It was subsequently adopted by the TrustedBSD Project as the foundation for 136the OpenBSM distribution.
|
| 137.Sh AUTHORS 138.An -nosplit 139This software was created by 140.An Robert Watson , 141.An Wayne Salamon , 142and 143.An Suresh Krishnaswamy 144for McAfee Research, the security research division of McAfee, 145Inc., under contract to Apple Computer, Inc. 146.Pp 147The Basic Security Module (BSM) interface to audit records and audit event 148stream format were defined by Sun Microsystems.
|
129.Sh BUGS 130These routines cannot currently distinguish between an entry not being found 131and an error accessing the database. 132The implementation should be changed to return an error via 133.Va errno 134when 135.Dv NULL 136is returned.
| 149.Sh BUGS 150These routines cannot currently distinguish between an entry not being found 151and an error accessing the database. 152The implementation should be changed to return an error via 153.Va errno 154when 155.Dv NULL 156is returned.
|