Date: Sun, 27 Mar 2005 21:40:16 GMT From: Tom Rhodes <trhodes@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 73936 for review Message-ID: <200503272140.j2RLeGQv080181@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=73936 Change 73936 by trhodes@trhodes_local on 2005/03/27 21:39:43 Update with comments provided by Wayne. Affected files ... .. //depot/projects/trustedbsd/audit3/lib/libc/sys/auditon.2#2 edit Differences ... ==== //depot/projects/trustedbsd/audit3/lib/libc/sys/auditon.2#2 (text+ko) ==== @@ -25,7 +25,7 @@ .\" $FreeBSD$ .\" .Dd February 17, 2005 -.Dt AUDIT 2 +.Dt AUDITON 2 .Os .Sh NAME .Nm auditon @@ -34,7 +34,7 @@ .Lb bsm .Sh SYNOPSIS .In sys/param.h -.In libbsm/audit.h +.In bsm/audit.h .Ft int .Fn auditon "struct thread *td, struct auditon_args *uap" .Sh DESCRIPTION @@ -49,6 +49,21 @@ .Bl -tag -width ".It Dv A_GETPINFO_ADDR" .It Dv A_SETPOLICY Set audit policy flags. +Currently, only +.Dv AUDIT_CNT +and +.Dv AUDIT_AHLT +are implemented. +In the +.Dv AUDIT_CNT +case, the action will continue regardless if +an event will not be audited. +In the +.Dv AUDIT_AHLT +case, a +.Xr panic 9 +will result if an event will not be written to the +audit log file. .It Dv A_SETKAUDIT Return .Er ENOSYS . @@ -77,15 +92,15 @@ .It Dv A_SETCLASS Set the event class preselection mask for the designated audit event. .It Dv A_SETPMASK -Set the default kernel preselection mask, this is used to preselect -non-attributable audit events. +Set the given process's audit selection masks for both +success and failure. .It Dv A_SETFSIZE -Return the maximum and default size of the audit file. +Set the maximum size of the audit log file. .It Dv A_SETKAUDIT -Toggle kernel event auditing to enable/disable. +Return +.Er ENOSYS . .It Dv A_GETCLASS Return the event to class mapping for the designated audit event. -The preselection class mask will be returned as well. .It Dv A_GETKAUDIT Return .Er ENOSYS . @@ -95,7 +110,8 @@ .It Dv A_GETPINFO_ADDR Return .Er ENOSYS . -A_GETKMASK +.It Dv A_GETKMASK +Return the current kernel preselection mask for non-attributable mask. .It Dv A_GETPOLICY Get the current audit policy flags. .It Dv A_GETQCTRL @@ -103,12 +119,21 @@ .It Dv A_SETQCTRL Set the kernel audit queue control parameters. .It Dv A_GETCWD -Return the current working directory as stored in the audit subsystem. +.\" [COMMENTED OUT]: Valid description, not yet implemented. +.\" Return the current working directory as stored in the audit subsystem. +Return +.Er ENOSYS . .It Dv A_GETCAR -Stores and returns the current active root as stored in the audit -subsystem. +.\" [COMMENTED OUT]: Valid description, not yet implemented. +.\"Stores and returns the current active root as stored in the audit +.\"subsystem. +Return +.Er ENOSYS . .It Dv A_GETSTAT -Return the statistics stored in the audit system. +.\" [COMMENTED OUT]: Valid description, not yet implemented. +.\"Return the statistics stored in the audit system. +Return +.Er ENOSYS . .It Dv A_GETCOND Return .Er ENOSYS . @@ -120,6 +145,8 @@ .Fn auditon function will fail if: .Bl -tag -width Er +.It Bq Er ENOSYS +Returned by options not yet implemented. .It Bq Er EFAULT A failure occurred while data transferred to or from the kernel failed.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200503272140.j2RLeGQv080181>