xref: /titanic_50/usr/src/man/man3bsm/getauusernam.3bsm (revision ed22c7109fc5dd9e1b7a5d0333bdc7ad2718e2ab)
te
Copyright (c) 2005, Sun Microsystems, Inc. All Rights Reserved.
The contents of this file are subject to the terms of the Common Development and Distribution License (the "License"). You may not use this file except in compliance with the License.
You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE or http://www.opensolaris.org/os/licensing. See the License for the specific language governing permissions and limitations under the License.
When distributing Covered Code, include this CDDL HEADER in each file and include the License file at usr/src/OPENSOLARIS.LICENSE. If applicable, add the following below this CDDL HEADER, with the fields enclosed by brackets "[]" replaced with your own identifying information: Portions Copyright [yyyy] [name of copyright owner]
GETAUUSERNAM 3BSM "Mar 31, 2005"
NAME
getauusernam, getauuserent, setauuser, endauuser, getauusernam_r, getauuserent_r - get audit_user entry
SYNOPSIS

cc [ flag... ] file... -lbsm  -lsocket   -lnsl  [ library... ]
#include <sys/param.h>
#include <bsm/libbsm.h>

struct au_user_ent *getauusernam(const char *name);

struct au_user_ent *getauuserent(void);

void setauuser(void);

void endauuser(void);

struct au_user_ent *getauusernam_r(au_user_ent_t *u, const char *name);

struct au_user_ent *getauuserent_r(au_user_ent_t *u);
DESCRIPTION

The getauuserent(), getauusernam(), getauuserent_r(), and getauusernam_r() functions each return an audit_user entry. Entries can come from any of the sources specified in the /etc/nsswitch.conf file (see nsswitch.conf(4)).

The getauusernam() and getauusernam_r() functions search for an audit_user entry with a given login name name.

The getauuserent() and getauuserent_r() functions enumerate audit_user entries; successive calls to these functions will return either successive audit_user entries or NULL.

The setauuser() function "rewinds" to the beginning of the enumeration of audit_user entries. Calls to getauusernam() and getauusernam_r() may leave the enumeration in an indeterminate state, so setauuser() should be called before the first call to getauuserent() or getauuserent_r().

The endauuser() function may be called to indicate that audit_user processing is complete; the system may then close any open audit_user file, deallocate storage, and so forth.

The getauuserent_r() and getauusernam_r() functions both take as an argument a pointer to an au_user_ent that is returned on successful function calls.

The internal representation of an audit_user entry is an au_user_ent structure defined in <bsm/libbsm.h> with the following members:

char *au_name;
au_mask_t au_always;
au_mask_t au_never;
RETURN VALUES

The getauusernam() function returns a pointer to a au_user_ent structure if it successfully locates the requested entry. Otherwise it returns NULL.

The getauuserent() function returns a pointer to a au_user_ent structure if it successfully enumerates an entry. Otherwise it returns NULL, indicating the end of the enumeration.

USAGE

The functionality described on this manual page is available only if the Solaris Auditing has been enabled. See bsmconv(1M) for more information.

FILES
/etc/security/audit_user

file that stores per-user audit event mask

/etc/passwd

file that stores user ID to username mappings

ATTRIBUTES

See attributes(5) for descriptions of the following attributes:

ATTRIBUTE TYPE ATTRIBUTE VALUE
MT-Level MT-Safe with exceptions
SEE ALSO

bsmconv(1M), getpwnam(3C), audit_user(4), nsswitch.conf(4), passwd(4), attributes(5)

NOTES

All information for the getauuserent() and getauusernam() functions is contained in a static area, so it must be copied if it is to be saved.

The getauusernam() and getauuserent() functions are Unsafe in multithreaded applications. The getauusernam_r() and getauuserent_r() functions provide the same functionality with interfaces that are MT-Safe.