NAME | SYNOPSIS | DESCRIPTION | RETURN VALUES | ATTRIBUTES | ERRORS | NOTES | SEE ALSO
#include <bsm/audit.h>int getpeerinfo(int fd, au_peergroupinfo_t *grpinfo, au_peermiscinfo_t *peerinfo);
Returns the peer process' audit attributes for the peer designated by the socket or TLI file descriptor fd. If grpinfo or peerinfo is NULL, then the corresponding information is not obtained.
The au_peergroupinfo structure has the following form:
struct peergroupinfo { ulong_t peer_ngroups /* number of elements obtained */ gid_t peer_groups[NGROUPS_UMAX]; /* peer's supplemental groups */ };
The remaining attributes are returned in peerinfo which is of type struct
au_peermiscinfo and has been allocated by the calling process. The au_peermiscinfo structure
has the following form:
struct au_peermiscinfo{ uid_t peer_ruid; /* peer's real user id */ gid_t peer_rgid; /* peer's real group id */ auditinfo_t peer_audit; /* peer's audit characteristic's */ };
where auditinfo_t is of type struct
auditinfo which has the following form:
struct auditinfo{ au_id_t ai_auid; /* audit ID */ au_mask_t ai_mask; /* preselection mask */ au_tid_t ai_termid; /* audit terminal ID */ au_asid_t ai_asid; /* audit session ID */ };
getpeerinfo() requires that either the PRIV_PROC_AUDIT_TCB
or PRIV_PROC_AUDIT_APPL
privilege be asserted in a process' effective set in order
to get the peerinfo attributes from its peer. No privileges are required to obtain just grpinfo.
getpeerinfo() returns 0 on success. On failure it returns a negative value and sets errno to indicate the error.
See attributes(5) for descriptions of the following attributes:
ATTRIBUTE TYPE | ATTRIBUTE VALUE |
---|---|
Availability | SUNWcsl |
MT-Level | MT-Safe |
fd is not a valid descriptor.
fd is not a socket or TLI interface.
Insufficient resources were available in the system to perform the operation.
Could not establish connection with server.
There was an internal error in which fd pointed to a peer process that was not recognized by its host.
No such port currently active on the peer.
Type not SOCK_DGRAM or SOCK_STREAM, or either the local peer socket or TLI descriptor is not AF_INET.
The caller does not have the proper privileges.
Available only on Trusted Solaris systems with the auditing module enabled. The auditing module is enabled by default in the Trusted Solaris environment.
NAME | SYNOPSIS | DESCRIPTION | RETURN VALUES | ATTRIBUTES | ERRORS | NOTES | SEE ALSO