xref: /freebsd/contrib/openbsm/libbsm/au_control.3 (revision 1e413cf93298b5b97441a21d9a50fdcd0ee9945e)
1.\"-
2.\" Copyright (c) 2005-2006 Robert N. M. Watson
3.\" All rights reserved.
4.\"
5.\" Redistribution and use in source and binary forms, with or without
6.\" modification, are permitted provided that the following conditions
7.\" are met:
8.\" 1. Redistributions of source code must retain the above copyright
9.\"    notice, this list of conditions and the following disclaimer.
10.\" 2. Redistributions in binary form must reproduce the above copyright
11.\"    notice, this list of conditions and the following disclaimer in the
12.\"    documentation and/or other materials provided with the distribution.
13.\"
14.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
15.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
16.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
17.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
18.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
19.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
20.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
21.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
22.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
23.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
24.\" SUCH DAMAGE.
25.\"
26.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/au_control.3#9 $
27.\"
28.Dd April 19, 2005
29.Dt AU_CONTROL 3
30.Os
31.Sh NAME
32.Nm setac ,
33.Nm endac ,
34.Nm getacdir ,
35.Nm getacmin ,
36.Nm getacfilesz ,
37.Nm getacflg ,
38.Nm getacna ,
39.Nm getacpol ,
40.Nm au_poltostr ,
41.Nm au_strtopol
42.Nd "look up information from the audit_control database"
43.Sh LIBRARY
44.Lb libbsm
45.Sh SYNOPSIS
46.In bsm/libbsm.h
47.Ft void
48.Fn setac void
49.Ft void
50.Fn endac void
51.Ft int
52.Fn getacdir "char *name" "int len"
53.Ft int
54.Fn getacmin "int *min_val"
55.Ft int
56.Fn getacfilesz "size_t *size_val"
57.Ft int
58.Fn getacflg "char *auditstr" "int len"
59.Ft int
60.Fn getacna "char *auditstr" "int len"
61.Ft int
62.Fn getacpol "char *auditstr" "size_t len"
63.Ft ssize_t
64.Fn au_poltostr "long policy" "size_t maxsize" "char *buf"
65.Ft int
66.Fn au_strtopol "const char *polstr" "long *policy"
67.Sh DESCRIPTION
68These interfaces may be used to look up information from the
69.Xr audit_control 5
70database, which contains various audit-related administrative parameters.
71.Pp
72The
73.Fn setac
74function
75resets the database iterator to the beginning of the database; see the
76.Sx BUGS
77section for more information.
78.Pp
79The
80.Fn endac
81function
82closes the
83.Xr audit_control 5
84database.
85.Pp
86The
87.Fn getacdir
88function
89returns the name of the directory where log data is stored via the passed
90character buffer
91.Fa name
92of length
93.Fa len .
94.Pp
95The
96.Fn getacmin
97function
98returns the minimum free disk space for the audit log target file system via
99the passed
100.Fa min_val
101variable.
102.Pp
103The
104.Fn getacfilesz
105function
106returns the audit trail rotation size in the passed
107.Vt size_t
108buffer
109.Fa size_val .
110.Pp
111The
112.Fn getacflg
113function
114returns the audit system flags via the the passed character buffer
115.Fa auditstr
116of length
117.Fa len .
118.Pp
119The
120.Fn getacna
121function
122returns the non-attributable flags via the passed character buffer
123.Fa auditstr
124of length
125.Fa len .
126.Pp
127The
128.Fn getacpol
129function
130returns the audit policy flags via the passed character buffer
131.Fa auditstr
132of length
133.Fa len .
134.Pp
135The
136.Fn au_poltostr
137function
138converts a numeric audit policy mask,
139.Fa policy ,
140to a string in the passed character buffer
141.Fa buf
142of lenth
143.Fa maxsize .
144.Pp
145The
146.Fn au_strtopol
147function
148converts an audit policy flags string,
149.Fa polstr ,
150to a numeric audit policy mask returned via
151.Fa policy .
152.Sh RETURN VALULES
153The
154.Fn getacdir ,
155.Fn getacmin ,
156.Fn getacflg ,
157.Fn getacna ,
158.Fn getacpol ,
159and
160.Fn au_strtopol
161functions
162return 0 on success, or a negative value on failure, along with error
163information in
164.Va errno .
165.Pp
166The
167.Fn au_poltostr
168function
169returns a string length of 0 or more on success, or a negative value on
170if there is a failure.
171.Pp
172Functions that return a string value will return a failure if there is
173insufficient room in the passed character buffer for the full string.
174.Sh SEE ALSO
175.Xr libbsm 3 ,
176.Xr audit_control 5
177.Sh HISTORY
178The OpenBSM implementation was created by McAfee Research, the security
179division of McAfee Inc., under contract to Apple Computer, Inc., in 2004.
180It was subsequently adopted by the TrustedBSD Project as the foundation for
181the OpenBSM distribution.
182.Sh AUTHORS
183.An -nosplit
184This software was created by
185.An Robert Watson ,
186.An Wayne Salamon ,
187and
188.An Suresh Krishnaswamy
189for McAfee Research, the security research division of McAfee,
190Inc., under contract to Apple Computer, Inc.
191.Pp
192The Basic Security Module (BSM) interface to audit records and audit event
193stream format were defined by Sun Microsystems.
194.Sh BUGS
195These routines cannot currently distinguish between an entry not being found
196and an error accessing the database.
197The implementation should be changed to return an error via
198.Va errno
199when
200.Dv NULL
201is returned.
202.Sh BUGS
203There is no reason for the
204.Fn setac
205interface to be exposed as part of the public API, as it is called implicitly
206by other access functions and iteration is not supported.
207.Pp
208These interfaces inconsistently return various negative values depending on
209the failure mode, and do not always set
210.Va errno
211on failure.
212