Linux Certif

Toute la documentation sur la certification Linux LPI

Rechercher une page de manuel

audit

BSD mandoc

NAME

audit - Commit a BSM audit record to the audit log

SYNOPSIS

In bsm/audit.h Ft int Fn audit const char *record u_int length

DESCRIPTION

Fn audit submits a completed BSM audit record to the system audit log.

Fa record is a pointer to the the specific event to be recorded and Vt length is the size in bytes of the data to be written.

RETURN VALUES

Rv -std

ERRORS

The Fn audit system call will fail and the data never written if:

Bq Er EFAULT

The Fa record argument is beyond the allocated address space of the process.

Bq Er EINVAL

The token ID is invalid or Vt length is larger than Vt MAXAUDITDATA .

Bq Er EPERM

The process does not have sufficient permission to complete the operation.

SEE ALSO

auditon(2), getauid(2), setauid(2), getaudit(2), setaudit(2), getaudit_addr2, setaudit_addr2, libbsm(3)

AUTHORS

This software was created by McAfee Research, the security research division of McAfee, Inc., under contract to Apple Computer Inc. Additional authors include Wayne Salamon, Robert Watson, and SPARTA Inc.

The Basic Security Module (BSM) interface to audit records and audit event stream format were defined by Sun Microsystems.

This manual page was written by An Tom Rhodes Aq trhodes@FreeBSD.org .

HISTORY

The OpenBSM implementation was created by McAfee Research, the security division of McAfee Inc., under contract to Apple Computer Inc. in 2004. It was subsequently adopted by the TrustedBSD Project as the foundation for the OpenBSM distribution.

BUGS

The Fx kernel does not fully validate that the argument passed is syntactically valid BSM. Submitting invalid audit records may corrupt the audit log.