cc [ flag... ] file... -lbsm -lsocket -lnsl [ library... ] #include <bsm/libbsm.h>
int getacdir( char *dir, int len);
int getacmin( int *min_val);
int getacflg( char *auditstring, int len);
int getacna( char *auditstring, int len);
void setac( void);
void endac( void);
When first called, getacdir() provides information about the first audit directory in the audit_control file. Thereafter, it returns the next directory in the file. Successive calls list all the directories listed in audit_control(4) The len argument specifies the length of the buffer dir. On return, dir points to the directory entry.
The getacmin() function reads the minimum value from the audit_control file and returns the value in min_val. The minimum value specifies how full the file system to which the audit files are being written can get before the script audit_warn(1M) is invoked.
The getacflg() function reads the system audit value from the audit_control file and returns the value in auditstring. The len argument specifies the length of the buffer auditstring.
The getacna() function reads the system audit value for non-attributable audit events from the audit_control file and returns the value in auditstring. The len argument specifies the length of the buffer auditstring. Non-attributable events are events that cannot be attributed to an individual user. The inetd(1M) utility and several other daemons record non-attributable events.
The setac() function rewinds the audit_control file to allow repeated searches.
The endac() function closes the audit_control file when processing is complete.
/etc/security/audit_control file containing default parameters read by the audit daemon, auditd(1M)
The getacdir(), getacflg(), getacna(), and getacmin() functions return:
0 on success.
-2 on failure and set errno to indicate the error.
The getacmin() and getacflg() functions return:
1 on EOF.
The getacdir() function returns:
-1 on EOF.
2 if the directory search had to start from the beginning because one of the other functions was called between calls to getacdir().
These functions return:
-3 if the directory entry format in the audit_control file is incorrect.
The getacdir(), getacflg(), and getacna() functions return:
-3 if the input buffer is too short to accommodate the record.
See attributes(5) for descriptions of the following attributes:
|ATTRIBUTE TYPE||ATTRIBUTE VALUE|
audit_warn(1M), bsmconv(1M), inetd(1M), audit_control(4), attributes(5)
The functionality described on this manual page is available only if the Basic Security Module (BSM) has been enabled. See bsmconv(1M) for more information.