getaudit(2)
NAME | SYNOPSIS | DESCRIPTION | RETURN VALUES | ERRORS | USAGE | SUMMARY OF TRUSTED SOLARIS CHANGES | SEE ALSO
NAME
- getaudit, setaudit- Get and set process audit information
SYNOPSIS
-
cc [flags...] file
... -lbsm -lsocket -lnsl -lintl [library...]
#include <sys/param.h> #include <bsm/audit.h>int getaudit(struct auditinfo * info);
int setaudit(struct auditinfo * info);
DESCRIPTION
getaudit() gets the audit ID , the preselection mask, the terminal ID , and the audit session ID of the current process.
setaudit() sets the audit ID , the preselection mask, the terminal ID , and the audit session ID for the current process.
The info structure used to pass the process audit information contains the following members:
au_id_t ai_auid; /* audit user ID */ au_mask_t ai_mask; /* preselection mask */ au_tid_t ai_termid; /* terminal ID */ au_asid_t ai_asid; /* audit session ID */
To execute these commands successfully, a process needs certain privileges in its set of effective privileges: for
getaudit()
, a process needs
PRIV_SYS_AUDIT
,
PRIV_PROC_AUDIT_TCB
, or
PRIV_PROC_AUDIT_APPL
; for
setaudit()
,
PRIV_SYS_AUDIT
.
RETURN VALUES
ERRORS
- EFAULT
-
The info parameter points outside the process's allocated address space.
- EPERM
-
The process did not have the appropriate privilege.
The getaudit() and setaudit() functions will fail if:
USAGE
Only processes with the appropriate privileges may successfully execute these calls.
SUMMARY OF TRUSTED SOLARIS CHANGES
This functionality is active only if auditing is enabled. By default, auditing is enabled in the Trusted Solaris environment. See Trusted Solaris Audit Administration for more information.
As explained in DESCRIPTION , privileges are needed to run this command successfully.
SEE ALSO
Trusted Solaris 7 Last Revised 5 May 1998NAME | SYNOPSIS | DESCRIPTION | RETURN VALUES | ERRORS | USAGE | SUMMARY OF TRUSTED SOLARIS CHANGES | SEE ALSO
- © 2010, Oracle Corporation and/or its affiliates