NAME | SYNOPSIS | DESCRIPTION | FILES | RETURN VALUES | ATTRIBUTES | SUMMARY OF TRUSTED SOLARIS CHANGES | SEE ALSO
#include <bsm/libbsm.h>int getacdir( char *dir, int len);
When first called, getacdir() provides information about the first audit directory in the audit_control file; thereafter, it returns the next directory in the file. Successive calls list all the directories listed in audit_control(4). The parameter len specifies the length of the buffer dir. On return, dir points to the directory entry.
getacmin() reads the minimum value from the audit_control file and returns the value in min_val. The minimum value specifies how full the file system to which the audit files are being written can get before the script audit_warn(1M) is invoked.
getacflg() reads the system audit value from the audit_control file and returns the value in auditstring. The parameter len specifies the length of the buffer auditstring.
getacna() reads the system audit value for non-attributable audit events from the audit_control file and returns the value in auditstring. The parameter len specifies the length of the buffer auditstring. Non-attributable events are events that cannot be attributed to an individual user. inetd(1M) and several other daemons record non-attributable events.
Calling setac rewinds the audit_control file to allow repeated searches.
Calling endac closes the audit_control file when processing is complete.
getacdir(), getacflg(), getacna() and getacmin() return:
on success.
On failure and set errno to indicate the error.
getacmin() and getacflg() return:
On EOF.
getacdir() returns:
on EOF.
if the directory search had to start from the beginning because one of the other functions was called between calls to getacdir().
These functions return:
If the directory entry format in the audit_control file is incorrect.
getacdir(), getacflg() and getacna() return:
If the input buffer is too short to accommodate the record.
See attributes(5) for descriptions of the following attributes:
ATTRIBUTE TYPE | ATTRIBUTE VALUE |
---|---|
MT-Level | Safe. |
The functionality described in this man page is available only if auditing has been enabled. By default, auditing is enabled in the Trusted Solaris environment.
audit_warn(1M), inetd(1M), audit_control(4)
NAME | SYNOPSIS | DESCRIPTION | FILES | RETURN VALUES | ATTRIBUTES | SUMMARY OF TRUSTED SOLARIS CHANGES | SEE ALSO