xref: /titanic_50/usr/src/man/man3bsm/getauclassent.3bsm (revision c10c16dec587a0662068f6e2991c29ed3a9db943)
te
Copyright (c) 2005, Sun Microsystems, Inc. All Rights Reserved.
The contents of this file are subject to the terms of the Common Development and Distribution License (the "License"). You may not use this file except in compliance with the License.
You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE or http://www.opensolaris.org/os/licensing. See the License for the specific language governing permissions and limitations under the License.
When distributing Covered Code, include this CDDL HEADER in each file and include the License file at usr/src/OPENSOLARIS.LICENSE. If applicable, add the following below this CDDL HEADER, with the fields enclosed by brackets "[]" replaced with your own identifying information: Portions Copyright [yyyy] [name of copyright owner]
getauclassent 3BSM "31 Mar 2005" "SunOS 5.11" "Security and Auditing Library Functions"
NAME
getauclassent, getauclassnam, setauclass, endauclass, getauclassnam_r, getauclassent_r - get audit_class entry
SYNOPSIS

cc [ flag... ] file... -lbsm  -lsocket   -lnsl  [ library... ]
#include <sys/param.h>
#include <bsm/libbsm.h>

struct au_class_ent *getauclassnam( const char *name);

struct au_class_ent *getauclassnam_r( au_class_ent_t *class_int,
 const char *name);

struct au_class_ent *getauclassent(void);

struct au_class_ent *getauclassent_r( au_class_ent_t *class_int);

void setauclass(void);

void endauclass(void);
DESCRIPTION

The getauclassent() function and getauclassnam() each return an audit_class entry.

The getauclassnam() function searches for an audit_class entry with a given class name name.

The getauclassent() function enumerates audit_class entries. Successive calls to getauclassent() return either successive audit_class entries or NULL.

The setauclass() function ``rewinds'' to the beginning of the enumeration of audit_class entries. Calls to getauclassnam() may leave the enumeration in an indeterminate state, so setauclass() should be called before the first getauclassent().

The endauclass() may be called to indicate that audit_class processing is complete; the system may then close any open audit_class file, deallocate storage, and so forth.

The getauclassent_r() and getauclassnam_r() functions both return a pointer to an audit_class entry as do their similarly named counterparts. They each take an additional argument, a pointer to pre-allocated space for an au_class_ent_t, which is returned if the call is successful. To assure there is enough space for the information returned, the applications programmer should be sure to allocate AU_CLASS_NAME_MAX and AU_CLASS_DESC_MAX bytes for the ac_name and ac_desc members of the au_class_ent_t data structure.

The internal representation of an audit_user entry is an au_class_ent structure defined in <bsm/libbsm.h> with the following members:

char *ac_name;
au_class_t ac_class;
char *ac_desc;
RETURN VALUES

The getauclassnam() and getauclassnam_r() functions return a pointer to a au_class_ent structure if they successfully locate the requested entry. Otherwise they return NULL.

The getauclassent() and getauclassent_r() functions return a pointer to a au_class_ent structure if they successfully enumerate an entry. Otherwise they return NULL, indicating the end of the enumeration.

FILES

/etc/security/audit_class

file that aps audit class numbers to audit class names

ATTRIBUTES

See attributes(5) for descriptions of the following attributes:

ATTRIBUTE TYPEATTRIBUTE VALUE
MT-LevelMT-Safe with exceptions.

All of the functions described on this man-page are MT-Safe except getauclassent() and getauclassnam, which are Unsafe. The getauclassent_r() and getauclassnam_r() functions have the same functionality as the Unsafe functions, but have a slightly different function call interface to make them MT-Safe.

SEE ALSO

bsmconv(1M), audit_class(4), audit_event(4), attributes(5)

NOTES

All information is contained in a static area, so it must be copied if it is to be saved.

The functionality described on this manual page is available only if the Solaris Auditing has been enabled. See bsmconv(1M) for more information.