1.\"- 2.\" Copyright (c) 2005 Robert N. M. Watson 3.\" All rights reserved. 4.\" 5.\" Redistribution and use in source and binary forms, with or without 6.\" modification, are permitted provided that the following conditions 7.\" are met: 8.\" 1. Redistributions of source code must retain the above copyright 9.\" notice, this list of conditions and the following disclaimer. 10.\" 2. Redistributions in binary form must reproduce the above copyright 11.\" notice, this list of conditions and the following disclaimer in the 12.\" documentation and/or other materials provided with the distribution. 13.\" 14.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 15.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 16.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 17.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 18.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 19.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 20.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 21.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 22.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 23.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 24.\" SUCH DAMAGE. 25.\" 26.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/au_control.3#4 $ 27.\" 28.Dd April 19, 2005 29.Dt AU_CONTROL 3 30.Os 31.Sh NAME 32.Nm setac , 33.Nm endac , 34.Nm getacdir , 35.Nm getacmin , 36.Nm getacflg , 37.Nm getacna , 38.Nm getacpol , 39.Nm au_poltostr 40.Nm au_strtopol 41.Nd "Look up information from the audit_control database" 42.Sh LIBRARY 43.Lb libbsm 44.Sh SYNOPSIS 45.In libbsm.h 46.Ft void 47.Fn setac "void" 48.Ft void 49.Fn endac "void" 50.Ft int 51.Fn getacdir "char *name" "int len" 52.Ft int 53.Fn getacmin "int *min_val" 54.Ft int 55.Fn getacflg "char *auditstr" "int len" 56.Ft int 57.Fn getacna "char *auditstr" "int len" 58.Ft int 59.Fn getacpol "char *auditstr" "size_t len" 60.Ft ssize_t 61.Fn au_poltostr "long policy" "size_t maxsize" "char *buf" 62.Ft int 63.Fn au_strtopol "const char *polstr" "long *policy" 64.Sh DESCRIPTION 65These interfaces may be used to look up information from the 66.Xr audit_control 5 67database, which contains various audit-related administrative parameters. 68.Pp 69.Fn setac 70resets the database iterator to the beginning of the database; see the 71BUGS section for more information. 72.Pp 73.Fn sendac 74closes the 75.Xr audit_control 5 76database. 77.Pp 78.Fn getacdir 79returns the name of the directory where log data is stored via the passed 80character buffer 81.Va name 82of length 83.Va len . 84.Pp 85.Fn getacmin 86returns the minimum free disk space for the audit log target file system via 87the passed 88.Va min_val 89variable. 90.Pp 91.Fn getacflg 92returns the audit system flags via the the passed character buffer 93.Va auditstr 94of length 95.Va len . 96.Pp 97.Fn getacna 98returns the non-attributable flags via the passed character buffer 99.Va auditstr 100of length 101.Va len . 102.Pp 103.Fn getacpol 104returns the audit policy flags via the passed character buffer 105.Va auditstr 106of length 107.Va len . 108.Pp 109.Fn au_poltostr 110converts a numeric audit policy mask, 111.Va policy , 112value to a string in the passed character buffer 113.Va buf 114of lenth 115.Va maxsize . 116.Pp 117.Fn au_strtopol 118converts an audit policy flags string, 119.Va polstr , 120to a numeric audit policy mask returned via 121.Va policy . 122.Sh RETURN VALULES 123.Fn getacdir , 124.Fn getacmin , 125.Fn getacflg , 126.Fn getacna , 127.Fn getacpol , 128and 129.Fn au_strtopol 130return 0 on success, or a negative value on failure, along with error 131information in 132.Va errno . 133.Pp 134.Fn au_poltostr 135returns a string length of 0 or more on success, or a negative value on 136if there is a failure. 137.Pp 138Functions that return a string value will return a failure if there is 139insufficient room in the passed character buffer for the full string. 140.Sh SEE ALSO 141.Xr libbsm 3 , 142.Xr audit_control 5 143.Sh AUTHORS 144This software was created by Robert Watson, Wayne Salamon, and Suresh 145Krishnaswamy for McAfee Research, the security research division of McAfee, 146Inc., under contract to Apple Computer, Inc. 147.Pp 148The Basic Security Module (BSM) interface to audit records and audit event 149stream format were defined by Sun Microsystems. 150.Sh HISTORY 151The OpenBSM implementation was created by McAfee Research, the security 152division of McAfee Inc., under contract to Apple Computer, Inc., in 2004. 153It was subsequently adopted by the TrustedBSD Project as the foundation for 154the OpenBSM distribution. 155.Sh BUGS 156These routines cannot currently distinguish between an entry not being found 157and an error accessing the database. 158The implementation should be changed to return an error via 159.Va errno 160when 161.Dv NULL 162is returned. 163.Sh BUGS 164There is no reason for the 165.Fn setac 166interface to be exposed as part of the public API, as it is called implicitly 167by other access functions and iteration is not supported. 168.Pp 169These interfaces inconsistently return various negative values depending on 170the failure mode, and do not always set 171.Va errno 172on failure. 173