getauid

, setauid

- get or set user audit identity

Synopsis

cc [ flag ... ] file ... -lbsm -lsocket -lnsl  [ library ... ]
#include <sys/param.h>
#include <bsm/libbsm.h>

int getauid(au_id_t *auid);

int setauid(au_id_t *auid);

Description

The getauid() function returns the audit user ID for the current process. This value is initially set at login time and inherited by all child processes. This value does not change when the real/effective user IDs change, so it can be used to identify the logged-in user even when running a setuid program. The audit user ID governs audit decisions for a process.

The setauid() function sets the audit user ID for the current process.

Return Values

Upon successful completion, the getauid() function returns the audit user ID of the current process on success. Otherwise, it returns -1 and sets errno to indicate the error.

Upon successful completion the setauid() function returns 0. Otherwise, -1 is returned and errno is set to indicate the error.

Errors

The getauid() and setauid() functions will fail if:

EFAULT

The auid argument points to an invalid address.

EPERM

The {PRIV_SYS_AUDIT} privilege is not asserted in the effective set of the calling process.

The getauid() function will fail if:

EPERM

The {PRIV_PROC_AUDIT} privilege is not asserted in the effective set of the calling process.

Usage

Only a process with appropriate privileges can successfully execute these calls.

See Also

bsmconv(1M), audit(2), getaudit(2), privileges(5)

Notes

The functionality described on this manual page is available only if the Basic Security Module (BSM) has been enabled. See bsmconv(1M) for more information.

These functions have been superseded by getaudit(2) and setaudit().