2 .\" Copyright (c) 2005-2006 Robert N. M. Watson
3 .\" All rights reserved.
5 .\" Redistribution and use in source and binary forms, with or without
6 .\" modification, are permitted provided that the following conditions
8 .\" 1. Redistributions of source code must retain the above copyright
9 .\" notice, this list of conditions and the following disclaimer.
10 .\" 2. Redistributions in binary form must reproduce the above copyright
11 .\" notice, this list of conditions and the following disclaimer in the
12 .\" documentation and/or other materials provided with the distribution.
14 .\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
15 .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
16 .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
17 .\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
18 .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
19 .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
20 .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
21 .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
22 .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
23 .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26 .\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/au_control.3#11 $
43 .Nd "look up information from the audit_control database"
53 .Fn getacdir "char *name" "int len"
55 .Fn getacmin "int *min_val"
57 .Fn getacexpire "int *andflg, time_t *age, size_t *size"
59 .Fn getacfilesz "size_t *size_val"
61 .Fn getacflg "char *auditstr" "int len"
63 .Fn getacna "char *auditstr" "int len"
65 .Fn getacpol "char *auditstr" "size_t len"
67 .Fn au_poltostr "int policy" "size_t maxsize" "char *buf"
69 .Fn au_strtopol "const char *polstr" "int *policy"
71 These interfaces may be used to look up information from the
73 database, which contains various audit-related administrative parameters.
78 resets the database iterator to the beginning of the database; see the
80 section for more information.
92 returns the name of the directory where log data is stored via the passed
101 returns the minimum free disk space for the audit log target file system via
109 returns the audit trail file expiration parameters in the passed
120 If the parameter is not specified in the
122 file it is set to zero.
127 returns the audit trail rotation size in the passed
135 returns the audit system flags via the the passed character buffer
143 returns the non-attributable flags via the passed character buffer
151 returns the audit policy flags via the passed character buffer
159 converts a numeric audit policy mask,
161 to a string in the passed character buffer
169 converts an audit policy flags string,
171 to a numeric audit policy mask returned via
184 return 0 on success, or a negative value on failure, along with error
191 returns a string length of 0 or more on success, or a negative value on
192 if there is a failure.
194 Functions that return a string value will return a failure if there is
195 insufficient room in the passed character buffer for the full string.
200 The OpenBSM implementation was created by McAfee Research, the security
201 division of McAfee Inc., under contract to Apple Computer, Inc., in 2004.
202 It was subsequently adopted by the TrustedBSD Project as the foundation for
203 the OpenBSM distribution.
206 This software was created by
210 .An Suresh Krishnaswamy
211 for McAfee Research, the security research division of McAfee,
212 Inc., under contract to Apple Computer, Inc.
214 The Basic Security Module (BSM) interface to audit records and audit event
215 stream format were defined by Sun Microsystems.
217 These routines cannot currently distinguish between an entry not being found
218 and an error accessing the database.
219 The implementation should be changed to return an error via
225 There is no reason for the
227 interface to be exposed as part of the public API, as it is called implicitly
228 by other access functions and iteration is not supported.
230 These interfaces inconsistently return various negative values depending on
231 the failure mode, and do not always set