FreeBSD 7.0 manual page repository

FreeBSD is a free computer operating system based on BSD UNIX originally. Many IT companies, like DeployIS is using it to provide an up-to-date, stable operating system.

audit_submit - general purpose audit record submission

 

NAME

      audit_submit - general purpose audit record submission
 

LIBRARY

      library “libbsm”
 

SYNOPSIS

      #include <bsm/libbsm.h>
 
      int
      audit_submit(short au_event, au_id_t auid, char status, int reterr,
              const char * restrict format, ...);
 

DESCRIPTION

      The audit_submit() function provides a generic programming interface for
      audit record submission.  This audit record will contain a header, sub‐
      ject token, an optional text token, return token, and a trailer.  The
      header will contain the event class specified by au_event.  The subject
      token will be generated based on au_ctx.  The return token is dependent
      on the status and reterr arguments.  Optionally, a text token will be
      created as a part of this record.
 
      Text token output is under the control of a format string that specifies
      how subsequent arguments (or arguments accessed via the variable-length
      argument facilities of stdarg(3)) are converted for output.  If format is
      NULL, then no text token is created in the audit record.
 
      It should be noted that audit_submit() assumes that setaudit(2), or
      setaudit_addr(2) has already been called.  As a direct result, the termi‐
      nal ID for the subject will be retrieved from the kernel via getaudit(2),
      or getaudit_addr(2).
 

EXAMPLES

            #include <bsm/audit.h>
            #include <bsm/libbsm.h>
            #include <bsm/audit_uevents.h>
 
            #include <stdio.h>
            #include <stdarg.h>
            #include <errno.h>
 
            int
            audit_bad_su(char *from_login, char *to_login)
            {
                    int error;
 
                    error = audit_submit(AUE_su, getuid(), 1, EPERM,
                        "bad su from %s to %s", from_login, to_login);
                    return (error);
            }
 
      Will generate the following audit record:
 
            header,94,1,su(1),0,Mon Apr 17 23:23:59 2006, + 271 msec
            subject,root,root,wheel,root,wheel,652,652,0,0.0.0.0
            text,bad su from from csjp to root
            return,failure : Operation not permitted,1
            trailer,94
      auditon(2), getaudit(2), libbsm(3), stdarg(3)
 

HISTORY

      The audit_submit() function first appeared in OpenBSM version 1.0.
      OpenBSM 1.0 was introduced in FreeBSD 7.0.
 

AUTHORS

      The audit_submit() function was written by Christian S.J. Peron
      〈csjp@FreeBSD.org〉.
 

Sections

Based on BSD UNIX
FreeBSD is an advanced operating system for x86 compatible (including Pentium and Athlon), amd64 compatible (including Opteron, Athlon64, and EM64T), UltraSPARC, IA-64, PC-98 and ARM architectures. It is derived from BSD, the version of UNIX developed at the University of California, Berkeley. It is developed and maintained by a large team of individuals. Additional platforms are in various stages of development.