diff options
Diffstat (limited to 'contrib/openbsm/man/audit.2')
-rw-r--r-- | contrib/openbsm/man/audit.2 | 96 |
1 files changed, 96 insertions, 0 deletions
diff --git a/contrib/openbsm/man/audit.2 b/contrib/openbsm/man/audit.2 new file mode 100644 index 0000000..6e14899 --- /dev/null +++ b/contrib/openbsm/man/audit.2 @@ -0,0 +1,96 @@ +.\"- +.\" Copyright (c) 2005 Tom Rhodes +.\" Copyright (c) 2005 Robert N. M. Watson +.\" All rights reserved. +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.\" $P4: //depot/projects/trustedbsd/openbsm/man/audit.2#6 $ +.\" +.Dd April 19, 2005 +.Dt AUDIT 2 +.Os +.Sh NAME +.Nm audit +.Nd "Commit a BSM audit record to the audit log" +.Sh SYNOPSIS +.In bsm/audit.h +.Ft int +.Fn audit "const char *record" "u_int length" +.Sh DESCRIPTION +.Fn audit +submits a completed BSM audit record to the system audit log. +.Pp +.Fa record +is a pointer to the the specific event to be recorded and +.Vt length +is the size in bytes of the data to be written. +.Sh RETURN VALUES +.Rv -std +.Sh ERRORS +The +.Fn audit +system call will fail and the data never written if: +.Bl -tag -width Er +.It Bq Er EFAULT +The +.Fa record +argument is beyond the allocated address space of the process. +.It Bq Er EINVAL +The token ID is invalid or +.Vt length +is larger than +.Vt MAXAUDITDATA . +.It Bq Er EPERM +The process does not have sufficient permission to complete +the operation. +.El +.Sh SEE ALSO +.Xr auditon 2 , +.Xr getauid 2 , +.Xr setauid 2 , +.Xr getaudit 2 , +.Xr setaudit 2 , +.Xr getaudit_addr 2 , +.Xr setaudit_addr 2 , +.Xr libbsm 3 +.Sh AUTHORS +This software was created by McAfee Research, the security research division +of McAfee, Inc., under contract to Apple Computer Inc. +Additional authors include Wayne Salamon, Robert Watson, and SPARTA Inc. +.Pp +The Basic Security Module (BSM) interface to audit records and audit event +stream format were defined by Sun Microsystems. +.Pp +This manual page was written by +.An Tom Rhodes Aq trhodes@FreeBSD.org . +.Sh HISTORY +The OpenBSM implementation was created by McAfee Research, the security +division of McAfee Inc., under contract to Apple Computer Inc. in 2004. +It was subsequently adopted by the TrustedBSD Project as the foundation for +the OpenBSM distribution. +.Sh BUGS +The +.Fx +kernel does not fully validate that the argument passed is syntactically +valid BSM. +Submitting invalid audit records may corrupt the audit log. |