Command Line Arguments

The AW_EXEC_ARGS token lets you place the command line arguments stored in argv in the audit record.

main(argc, argv)
int argc;
char **argv;
{
/* Application code */
/* ... */
	auditwrite(AW_EVENT,
		"AUE_second_signature",
		AW_EXEC_ARGS, argv
		AW_WRITE, AW_END);
}

The viewing terminal shows this record when the program is executed as follows: program Hello World!:

header,120,3,second signature requested,,Fri Mar 21 09:31:01 1997,
 +989 msec
exec_args,3,
program,Hello World!
subject,zelda,zelda,staff,zelda,staff,420,286,0 0 phoenix
slabel,C
return,success,0

Previous: Argument Information
Next: Privilege Sets