FreeBSD 7.0 manual page repository

FreeBSD is a free computer operating system based on BSD UNIX originally. Many IT companies, like DeployIS is using it to provide an up-to-date, stable operating system.

audit_submit - general purpose audit record submission



      audit_submit - general purpose audit record submission


      library “libbsm”


      #include <bsm/libbsm.h>
      audit_submit(short au_event, au_id_t auid, char status, int reterr,
              const char * restrict format, ...);


      The audit_submit() function provides a generic programming interface for
      audit record submission.  This audit record will contain a header, sub‐
      ject token, an optional text token, return token, and a trailer.  The
      header will contain the event class specified by au_event.  The subject
      token will be generated based on au_ctx.  The return token is dependent
      on the status and reterr arguments.  Optionally, a text token will be
      created as a part of this record.
      Text token output is under the control of a format string that specifies
      how subsequent arguments (or arguments accessed via the variable-length
      argument facilities of stdarg(3)) are converted for output.  If format is
      NULL, then no text token is created in the audit record.
      It should be noted that audit_submit() assumes that setaudit(2), or
      setaudit_addr(2) has already been called.  As a direct result, the termi‐
      nal ID for the subject will be retrieved from the kernel via getaudit(2),
      or getaudit_addr(2).


            #include <bsm/audit.h>
            #include <bsm/libbsm.h>
            #include <bsm/audit_uevents.h>
            #include <stdio.h>
            #include <stdarg.h>
            #include <errno.h>
            audit_bad_su(char *from_login, char *to_login)
                    int error;
                    error = audit_submit(AUE_su, getuid(), 1, EPERM,
                        "bad su from %s to %s", from_login, to_login);
                    return (error);
      Will generate the following audit record:
            header,94,1,su(1),0,Mon Apr 17 23:23:59 2006, + 271 msec
            text,bad su from from csjp to root
            return,failure : Operation not permitted,1
      auditon(2), getaudit(2), libbsm(3), stdarg(3)


      The audit_submit() function first appeared in OpenBSM version 1.0.
      OpenBSM 1.0 was introduced in FreeBSD 7.0.


      The audit_submit() function was written by Christian S.J. Peron


Based on BSD UNIX
FreeBSD is an advanced operating system for x86 compatible (including Pentium and Athlon), amd64 compatible (including Opteron, Athlon64, and EM64T), UltraSPARC, IA-64, PC-98 and ARM architectures. It is derived from BSD, the version of UNIX developed at the University of California, Berkeley. It is developed and maintained by a large team of individuals. Additional platforms are in various stages of development.