1.\"- 2.\" Copyright (c) 2005 Tom Rhodes 3.\" Copyright (c) 2005 Robert N. M. Watson 4.\" All rights reserved. 5.\" 6.\" Redistribution and use in source and binary forms, with or without 7.\" modification, are permitted provided that the following conditions 8.\" are met: 9.\" 1. Redistributions of source code must retain the above copyright 10.\" notice, this list of conditions and the following disclaimer. 11.\" 2. Redistributions in binary form must reproduce the above copyright 12.\" notice, this list of conditions and the following disclaimer in the 13.\" documentation and/or other materials provided with the distribution. 14.\" 15.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 16.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 17.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 18.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 19.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 20.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 21.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 22.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 23.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 24.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 25.\" SUCH DAMAGE. 26.\" 27.\" $P4: //depot/projects/trustedbsd/openbsm/man/audit.2#6 $ 28.\" 29.Dd April 19, 2005 30.Dt AUDIT 2 31.Os 32.Sh NAME 33.Nm audit 34.Nd "Commit a BSM audit record to the audit log" 35.Sh SYNOPSIS 36.In bsm/audit.h 37.Ft int 38.Fn audit "const char *record" "u_int length" 39.Sh DESCRIPTION 40.Fn audit 41submits a completed BSM audit record to the system audit log. 42.Pp 43.Fa record 44is a pointer to the the specific event to be recorded and 45.Vt length 46is the size in bytes of the data to be written. 47.Sh RETURN VALUES 48.Rv -std 49.Sh ERRORS 50The 51.Fn audit 52system call will fail and the data never written if: 53.Bl -tag -width Er 54.It Bq Er EFAULT 55The 56.Fa record 57argument is beyond the allocated address space of the process. 58.It Bq Er EINVAL 59The token ID is invalid or 60.Vt length 61is larger than 62.Vt MAXAUDITDATA . 63.It Bq Er EPERM 64The process does not have sufficient permission to complete 65the operation. 66.El 67.Sh SEE ALSO 68.Xr auditon 2 , 69.Xr getauid 2 , 70.Xr setauid 2 , 71.Xr getaudit 2 , 72.Xr setaudit 2 , 73.Xr getaudit_addr 2 , 74.Xr setaudit_addr 2 , 75.Xr libbsm 3 76.Sh AUTHORS 77This software was created by McAfee Research, the security research division 78of McAfee, Inc., under contract to Apple Computer Inc. 79Additional authors include Wayne Salamon, Robert Watson, and SPARTA Inc. 80.Pp 81The Basic Security Module (BSM) interface to audit records and audit event 82stream format were defined by Sun Microsystems. 83.Pp 84This manual page was written by 85.An Tom Rhodes Aq trhodes@FreeBSD.org . 86.Sh HISTORY 87The OpenBSM implementation was created by McAfee Research, the security 88division of McAfee Inc., under contract to Apple Computer Inc. in 2004. 89It was subsequently adopted by the TrustedBSD Project as the foundation for 90the OpenBSM distribution. 91.Sh BUGS 92The 93.Fx 94kernel does not fully validate that the argument passed is syntactically 95valid BSM. 96Submitting invalid audit records may corrupt the audit log. 97