GETACINFO(3BSM)GETACINFO(3BSM)NAME
getacinfo, getacdir, getacflg, getacmin, getacna, setac, endac - get
audit control file information
SYNOPSIS
cc [ flag... ] file... -lbsm-lsocket -lnsl [ library... ]
#include <bsm/libbsm.h>
int getacdir( char *dir, int len);
int getacmin( int *min_val);
int getacflg( char *auditstring, int len);
int getacna( char *auditstring, int len);
void setac(void);
void endac(void);
DESCRIPTION
When first called, getacdir() provides information about the first
audit directory in the audit_control file. Thereafter, it returns the
next directory in the file. Successive calls list all the directories
listed in audit_control(4) The len argument specifies the length of the
buffer dir. On return, dir points to the directory entry.
The getacmin() function reads the minimum value from the audit_control
file and returns the value in min_val. The minimum value specifies how
full the file system to which the audit files are being written can get
before the script audit_warn(1M) is invoked.
The getacflg() function reads the system audit value from the
audit_control file and returns the value in auditstring. The len argu‐
ment specifies the length of the buffer auditstring.
The getacna() function reads the system audit value for non-attribut‐
able audit events from the audit_control file and returns the value in
auditstring. The len argument specifies the length of the buffer audit‐
string. Non-attributable events are events that cannot be attributed to
an individual user. The inetd(1M) utility and several other daemons
record non-attributable events.
The setac() function rewinds the audit_control file to allow repeated
searches.
The endac() function closes the audit_control file when processing is
complete.
FILES
/etc/security/audit_control
file containing default parameters read by the audit daemon,
auditd(1M)RETURN VALUES
The getacdir(), getacflg(), getacna(), and getacmin() functions return:
0
on success.
−2
on failure and set errno to indicate the error.
The getacmin() and getacflg() functions return:
1
on EOF.
The getacdir() function returns:
−1
on EOF.
2
if the directory search had to start from the beginning
because one of the other functions was called between calls to
getacdir().
These functions return:
−3
if the directory entry format in the audit_control file is
incorrect.
The getacdir(), getacflg(), and getacna() functions return:
−3
if the input buffer is too short to accommodate the record.
ATTRIBUTES
See attributes(5) for descriptions of the following attributes:
┌───────────────┬─────────────────┐
│ATTRIBUTE TYPE │ ATTRIBUTE VALUE │
├───────────────┼─────────────────┤
│MT-Level │ Safe │
└───────────────┴─────────────────┘
SEE ALSOaudit_warn(1M), bsmconv(1M), inetd(1M), audit_control(4), attributes(5)NOTES
The functionality described on this manual page is available only if
the Solaris Auditing has been enabled. See bsmconv(1M) for more infor‐
mation.
Mar 31, 2005 GETACINFO(3BSM)