xref: /titanic_51/usr/src/man/man3bsm/au_user_mask.3bsm (revision 5eb667aca135f8c963f5eb9e534c0cd1fdc81fcd)
te
Copyright (c) 2005, Sun Microsystems, Inc. All Rights Reserved.
The contents of this file are subject to the terms of the Common Development and Distribution License (the "License"). You may not use this file except in compliance with the License.
You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE or http://www.opensolaris.org/os/licensing. See the License for the specific language governing permissions and limitations under the License.
When distributing Covered Code, include this CDDL HEADER in each file and include the License file at usr/src/OPENSOLARIS.LICENSE. If applicable, add the following below this CDDL HEADER, with the fields enclosed by brackets "[]" replaced with your own identifying information: Portions Copyright [yyyy] [name of copyright owner]
au_user_mask 3BSM "31 Mar 2005" "SunOS 5.11" "Security and Auditing Library Functions"
NAME
au_user_mask - get user's binary preselection mask
SYNOPSIS

cc [ flag... ] file... -lbsm  -lsocket   -lnsl  [ library... ]
#include <bsm/libbsm.h>

int au_user_mask(char *username, au_mask_t *mask_p);
DESCRIPTION

The au_user_mask() function reads the default, system wide audit classes from audit_control(4), combines them with the per-user audit classes from the audit_user(4) database, and updates the binary preselection mask pointed to by mask_p with the combined value.

The audit flags in the flags field of the audit_control(4) database and the always-audit-flags and never-audit-flags from the audit_user(4) database represent binary audit classes. These fields are combined by au_preselect(3BSM) as follows:

mask = ( flags + always-audit-flags) - never-audit-flags

The au_user_mask() function fails only if both the both the audit_control(4) and the audit_user(4) database entries could not be retrieved. This allows for flexible configurations.

RETURN VALUES

Upon successful completion, au_user_mask() returns 0. It fails and returns -1 if both the audit_control(4) and the audit_user(4) database entries could not be retrieved.

FILES

/etc/security/audit_control

file containing default parameters read by the audit daemon, auditd(1M)

/etc/security/audit_user

file that stores per-user audit event mask

ATTRIBUTES

See attributes(5) for descriptions of the following attributes:

ATTRIBUTE TYPEATTRIBUTE VALUE
Interface StabilityStable
MT-LevelMT-Safe
SEE ALSO

login(1), bsmconv(1M), getaudit(2), setaudit(2), au_preselect(3BSM), getacinfo(3BSM), getauusernam(3BSM), audit_control(4), audit_user(4), attributes(5)

NOTES

The au_user_mask() function should be called by programs like login(1) which set a process's preselection mask with setaudit(2). getaudit(2) should be used to obtain audit characteristics for the current process.

The functionality described on this manual page is available only if the Solaris Auditing has been enabled. See bsmconv(1M) for more information.