1.\"- 2.\" Copyright (c) 2005-2006 Robert N. M. Watson 3.\" All rights reserved. 4.\" 5.\" Redistribution and use in source and binary forms, with or without 6.\" modification, are permitted provided that the following conditions 7.\" are met: 8.\" 1. Redistributions of source code must retain the above copyright 9.\" notice, this list of conditions and the following disclaimer. 10.\" 2. Redistributions in binary form must reproduce the above copyright 11.\" notice, this list of conditions and the following disclaimer in the 12.\" documentation and/or other materials provided with the distribution. 13.\" 14.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 15.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 16.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 17.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 18.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 19.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 20.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 21.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 22.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 23.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 24.\" SUCH DAMAGE. 25.\" 26.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/au_control.3#5 $ 27.\" 28.Dd April 19, 2005 29.Dt AU_CONTROL 3 30.Os 31.Sh NAME 32.Nm setac , 33.Nm endac , 34.Nm getacdir , 35.Nm getacmin , 36.Nm getacfilesz , 37.Nm getacflg , 38.Nm getacna , 39.Nm getacpol , 40.Nm au_poltostr 41.Nm au_strtopol 42.Nd "Look up information from the audit_control database" 43.Sh LIBRARY 44.Lb libbsm 45.Sh SYNOPSIS 46.In libbsm.h 47.Ft void 48.Fn setac "void" 49.Ft void 50.Fn endac "void" 51.Ft int 52.Fn getacdir "char *name" "int len" 53.Ft int 54.Fn getacmin "int *min_val" 55.Ft int 56.Fn getacfilesz "size_t *size_val" 57.Ft int 58.Fn getacflg "char *auditstr" "int len" 59.Ft int 60.Fn getacna "char *auditstr" "int len" 61.Ft int 62.Fn getacpol "char *auditstr" "size_t len" 63.Ft ssize_t 64.Fn au_poltostr "long policy" "size_t maxsize" "char *buf" 65.Ft int 66.Fn au_strtopol "const char *polstr" "long *policy" 67.Sh DESCRIPTION 68These interfaces may be used to look up information from the 69.Xr audit_control 5 70database, which contains various audit-related administrative parameters. 71.Pp 72.Fn setac 73resets the database iterator to the beginning of the database; see the 74BUGS section for more information. 75.Pp 76.Fn sendac 77closes the 78.Xr audit_control 5 79database. 80.Pp 81.Fn getacdir 82returns the name of the directory where log data is stored via the passed 83character buffer 84.Va name 85of length 86.Va len . 87.Pp 88.Fn getacmin 89returns the minimum free disk space for the audit log target file system via 90the passed 91.Va min_val 92variable. 93.Pp 94.Fn getacfilesz 95returns the audit trail rotation size in the passed size_t buffer 96.Fa size_val . 97.Pp 98.Fn getacflg 99returns the audit system flags via the the passed character buffer 100.Va auditstr 101of length 102.Va len . 103.Pp 104.Fn getacna 105returns the non-attributable flags via the passed character buffer 106.Va auditstr 107of length 108.Va len . 109.Pp 110.Fn getacpol 111returns the audit policy flags via the passed character buffer 112.Va auditstr 113of length 114.Va len . 115.Pp 116.Fn au_poltostr 117converts a numeric audit policy mask, 118.Va policy , 119value to a string in the passed character buffer 120.Va buf 121of lenth 122.Va maxsize . 123.Pp 124.Fn au_strtopol 125converts an audit policy flags string, 126.Va polstr , 127to a numeric audit policy mask returned via 128.Va policy . 129.Sh RETURN VALULES 130.Fn getacdir , 131.Fn getacmin , 132.Fn getacflg , 133.Fn getacna , 134.Fn getacpol , 135and 136.Fn au_strtopol 137return 0 on success, or a negative value on failure, along with error 138information in 139.Va errno . 140.Pp 141.Fn au_poltostr 142returns a string length of 0 or more on success, or a negative value on 143if there is a failure. 144.Pp 145Functions that return a string value will return a failure if there is 146insufficient room in the passed character buffer for the full string. 147.Sh SEE ALSO 148.Xr libbsm 3 , 149.Xr audit_control 5 150.Sh AUTHORS 151This software was created by Robert Watson, Wayne Salamon, and Suresh 152Krishnaswamy for McAfee Research, the security research division of McAfee, 153Inc., under contract to Apple Computer, Inc. 154.Pp 155The Basic Security Module (BSM) interface to audit records and audit event 156stream format were defined by Sun Microsystems. 157.Sh HISTORY 158The OpenBSM implementation was created by McAfee Research, the security 159division of McAfee Inc., under contract to Apple Computer, Inc., in 2004. 160It was subsequently adopted by the TrustedBSD Project as the foundation for 161the OpenBSM distribution. 162.Sh BUGS 163These routines cannot currently distinguish between an entry not being found 164and an error accessing the database. 165The implementation should be changed to return an error via 166.Va errno 167when 168.Dv NULL 169is returned. 170.Sh BUGS 171There is no reason for the 172.Fn setac 173interface to be exposed as part of the public API, as it is called implicitly 174by other access functions and iteration is not supported. 175.Pp 176These interfaces inconsistently return various negative values depending on 177the failure mode, and do not always set 178.Va errno 179on failure. 180