xref: /illumos-gate/usr/src/lib/auditd_plugins/auditd.h (revision 430fb0518974971393f591123b410c866df1855a)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 /*
22  * Copyright 2010 Sun Microsystems, Inc.  All rights reserved.
23  * Use is subject to license terms.
24  *
25  * Copyright 2017 Tintri by DDN, Inc. All rights reserved.
26  *
27  * This is an unstable interface; changes may be made without
28  * notice.
29  */
30 
31 #ifndef	_AUDITD_H
32 #define	_AUDITD_H
33 
34 #include <secdb.h>
35 #include <sys/types.h>
36 
37 #ifdef __cplusplus
38 extern "C" {
39 #endif
40 
41 /*
42  * "WARN" errors trigger calls to audit_warn
43  */
44 enum auditd_rc {
45 	AUDITD_SUCCESS,	/*   ok						*/
46 	AUDITD_RETRY,	/*   retry after a delay	(WARN retry)	*/
47 	AUDITD_NO_MEMORY, /* can't allocate memory	(WARN no_memory) */
48 	AUDITD_INVALID,	/*   bad input			(WARN invalid)	*/
49 	AUDITD_COMM_FAIL, /* communications failure			*/
50 	AUDITD_FATAL,	/*   other error		(WARN failure)	*/
51 	AUDITD_FAIL,	/*   other non-fatal error			*/
52 	AUDITD_DISCARD	/*   Discarded message				*/
53 };
54 typedef enum auditd_rc auditd_rc_t;
55 
56 /*
57  * auditd_plugin()
58  *	arg 1 - input buffer, binary Solaris audit record
59  *	arg 2 - input buffer length
60  *	arg 3 - record sequence number
61  *	arg 4 - optional explanation of error return (use NULL,
62  *		not an empty string if not used.)
63  */
64 auditd_rc_t	auditd_plugin(const char *, size_t, uint64_t, char **);
65 /*
66  * auditd_plugin_open()
67  *	arg 1 - attr/val struct, use with kva_match()
68  *	arg 2 - attr/value pair string:  attr1=value1;attr2=value2
69  *	arg 3 - optional explanation of error return (use NULL,
70  *		not an empty string if not used.)
71  *
72  *	make local copy of args 1 and 2; they are trashed after return.
73  */
74 auditd_rc_t	auditd_plugin_open(const kva_t *, char **, char **);
75 
76 /*
77  * auditd_plugin_close()
78  *	arg 1 - optional explanation of error return (use NULL,
79  *		not an empty string if not used.)
80  */
81 auditd_rc_t	auditd_plugin_close(char **);
82 
83 #ifdef	__cplusplus
84 }
85 #endif
86 
87 #endif	/* _AUDITD_H */
88