Security and Auditing Library Functions auto(3BSM)
NAME
auto, autoarg, autoarg32, autoarg64, autoattr,
autocmd, autodata, autogroups, autoinaddr,
autoipc, autoiport, autome, autonewgroups,
autoopaque, autopath, autoprocess, autoprocessex,
autoreturn, autoreturn32, autoreturn64, autosocket,
autosubject, autosubjectex, autotext - create audit
record tokens
SYNOPSIS
cc [ flag... ] file... -lbsm -lsocket -lnsl [ library... ]
#include
#include
#include
#include
tokent *autoarg(char n, char *text, uint32t v);
tokent *autoarg32(char n, char *text, uint32t v);
tokent *autoarg64(char n, char *text, uint64t v);
tokent *autoattr(struct vattr *attr);
tokent *autocmd(uintt argc, char **argv, char **envp);
tokent *autodata(char unitprint, char unittype, char unitcount,
char *p);
tokent *autogroups(int *groups);
tokent *autoinaddr(struct inaddr *internetaddr);
tokent *autoipc(char type, int id);
tokent *autoiport(ushortt iport);
tokent *autome(void);
tokent *autonewgroups(int n, gidt *groups);
SunOS 5.11 Last change: 31 Mar 2005 1
Security and Auditing Library Functions auto(3BSM)
tokent *autoopaque(char *data, short bytes);
tokent *autopath(char *path);
tokent *autoprocess(auidt auid, uidt euid, gidt egid,
uidt ruid, gidt rgid, pidt pid, auasidt sid, autidt *tid);
tokent *autoprocessex(auidt auid, uidt euid, gidt egid,
uidt ruid, gidt rgid, pidt pid, auasidt sid, autidaddrt *tid);
tokent *autoreturn(char number, uin32tt value);
tokent *autoreturn32(char number, uin32tt value);
tokent *autoreturn64(char number, uin64tt value);
tokent *autosocket(struct oldsocket *so);
tokent *autosubject(auidt auid, uidt euid, gidt egid,
uidt ruid, gidt rgid, pidt pid, auasidt sid, autidt *tid);
tokent *autosubjectex(auidt auid, uidt euid, gidt egid,
uidt ruid, gidt rgid, pidt pid, auasidt sid, autidaddrt *tid);
tokent *autotext(char *text);
DESCRIPTION
The autoarg(), autoarg32(), and autoarg64() functions
format the data in v into an "argument token". The n argu-
ment indicates the argument number. The text argument is a
null-terminated string describing the argument.
The autoattr() function formats the data pointed to by
attr into a "vnode attribute token".
The autocmd() function formats the data pointed to by argv
into a "command token". A command token reflects a command
and its parameters as entered. For example, the pfexec(1)
utility uses autocmd() to record the command and arguments
SunOS 5.11 Last change: 31 Mar 2005 2
Security and Auditing Library Functions auto(3BSM)
it reads from the command line.
The autodata() function formats the data pointed to by p
into an "arbitrary data token". The unitprint parameter
determines the preferred display base of the data and is one
of AUPBINARY, AUPOCTAL, AUPDECIMAL, AUPHEX, or
AUPSTRING. The unittype parameter defines the basic unit
of data and is one of AURBYTE, AURCHAR, AURSHORT,
AURINT, or AURLONG. The unitcount parameter specifies
the number of basic data units to be used and must be posi-
tive.
The autogroups() function formats the array of 16 integers
pointed to by groups into a "groups token". The
autonewgroups() function (see below) should be used in
place of this function.
The autoinaddr() function formats the data pointed to by
internetaddr into an "internet address token".
The autoipc() function formats the data in the id parame-
ter into an "interprocess communications ID token".
The autoiport() function formats the data pointed to by
iport into an "ip port address token".
The autome() function collects audit information from the
current process and creates a "subject token" by calling
autosubject().
The autonewgroups() function formats the array of n
integers pointed to by groups into a "newgroups token". This
function should be used in place of autogroups().
The autoopaque() function formats the bytes bytes pointed
to by data into an "opaque token". The value of size must be
positive.
The autopath() function formats the path name pointed to
by path into a ``path token.''
SunOS 5.11 Last change: 31 Mar 2005 3
Security and Auditing Library Functions auto(3BSM)
The autoprocess() function formats an auid (audit user
ID), an euid (effective user ID), an egid (effective group
ID), a ruid (real user ID), a rgid (real group ID), a pid
(process ID), an sid (audit session ID), and a tid (audit
terminal ID containing an IPv4 IP address), into a "process
token". A process token should be used when the process is
the object of an action (ie. when the process is the
receiver of a signal). The autoprocessex() function (see
below) should be used in place of this function.
The autoprocessex() function formats an auid (audit user
ID), an euid (effective user ID), an egid (effective group
ID), a ruid (real user ID), a rgid (real group ID), a pid
(process ID), an sid (audit session ID), and a tid (audit
terminal ID containing an IPv4 or IPv6 IP address), into a
"process token". A process token should be used when the
process is the object of an action (that is, when the pro-
cess is the receiver of a signal). This function should be
used in place of autoprocess().
The autoreturn(), autoreturn32(), and autoreturn64()
functions format an error number number and a return value
value into a "return value token".
The autosocket() function format the data pointed to by so
into a ``socket token.''
The autosubject() function formats an auid (audit user
ID), an euid (effective user ID), an egid (effective group
ID), a ruid (real user ID), an rgid (real group ID), a pid
(process ID), an sid (audit session ID), an tid (audit ter-
minal ID containing an IPv4 IP address), into a "subject
token". The autosubjectex() function (see below) should
be used in place of this function.
The autosubjectex() function formats an auid (audit user
ID), an euid (effective user ID), an egid (effective group
ID), a ruid (real user ID), an rgid (real group ID), a pid
(process ID), an sid (audit session ID), an tid (audit ter-
minal ID containing an IPv4 or IPv6 IP address), into a
"subject token". This function should be used in place of
autosubject().
The autotext() function formats the null-terminated string
pointed to by text into a "text token".
SunOS 5.11 Last change: 31 Mar 2005 4
Security and Auditing Library Functions auto(3BSM)
RETURN VALUES
These functions return NUL if memory cannot be allocated to
put the resultant token into, or if an error in the input is
detected.
ATRIBUTES
See attributes(5) for a description of the following attri-
butes:
ATRIBUTE TYPE ATRIBUTE VALUE
Interface Stability Stable
MT-Level MT-Safe
SEE ALSO
bsmconv(1M), auopen(3BSM), attributes(5)
NOTES
The functionality described on this manual page is available
only if the Solaris Auditing has been enabled. See
bsmconv(1M) for more information.
SunOS 5.11 Last change: 31 Mar 2005 5
|
