From owner-p4-projects@FreeBSD.ORG Sun Mar 27 21:40:18 2005 Return-Path: Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id CC92016A4D0; Sun, 27 Mar 2005 21:40:17 +0000 (GMT) Delivered-To: perforce@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 61CB916A4CE for ; Sun, 27 Mar 2005 21:40:17 +0000 (GMT) Received: from repoman.freebsd.org (repoman.freebsd.org [216.136.204.115]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0C4F843D39 for ; Sun, 27 Mar 2005 21:40:17 +0000 (GMT) (envelope-from trhodes@freebsd.org) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.13.1/8.13.1) with ESMTP id j2RLeGeT080185 for ; Sun, 27 Mar 2005 21:40:16 GMT (envelope-from trhodes@freebsd.org) Received: (from perforce@localhost) by repoman.freebsd.org (8.13.1/8.13.1/Submit) id j2RLeGQv080181 for perforce@freebsd.org; Sun, 27 Mar 2005 21:40:16 GMT (envelope-from trhodes@freebsd.org) Date: Sun, 27 Mar 2005 21:40:16 GMT Message-Id: <200503272140.j2RLeGQv080181@repoman.freebsd.org> X-Authentication-Warning: repoman.freebsd.org: perforce set sender to trhodes@freebsd.org using -f From: Tom Rhodes To: Perforce Change Reviews Subject: PERFORCE change 73936 for review X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 27 Mar 2005 21:40:18 -0000 http://perforce.freebsd.org/chv.cgi?CH=73936 Change 73936 by trhodes@trhodes_local on 2005/03/27 21:39:43 Update with comments provided by Wayne. Affected files ... .. //depot/projects/trustedbsd/audit3/lib/libc/sys/auditon.2#2 edit Differences ... ==== //depot/projects/trustedbsd/audit3/lib/libc/sys/auditon.2#2 (text+ko) ==== @@ -25,7 +25,7 @@ .\" $FreeBSD$ .\" .Dd February 17, 2005 -.Dt AUDIT 2 +.Dt AUDITON 2 .Os .Sh NAME .Nm auditon @@ -34,7 +34,7 @@ .Lb bsm .Sh SYNOPSIS .In sys/param.h -.In libbsm/audit.h +.In bsm/audit.h .Ft int .Fn auditon "struct thread *td, struct auditon_args *uap" .Sh DESCRIPTION @@ -49,6 +49,21 @@ .Bl -tag -width ".It Dv A_GETPINFO_ADDR" .It Dv A_SETPOLICY Set audit policy flags. +Currently, only +.Dv AUDIT_CNT +and +.Dv AUDIT_AHLT +are implemented. +In the +.Dv AUDIT_CNT +case, the action will continue regardless if +an event will not be audited. +In the +.Dv AUDIT_AHLT +case, a +.Xr panic 9 +will result if an event will not be written to the +audit log file. .It Dv A_SETKAUDIT Return .Er ENOSYS . @@ -77,15 +92,15 @@ .It Dv A_SETCLASS Set the event class preselection mask for the designated audit event. .It Dv A_SETPMASK -Set the default kernel preselection mask, this is used to preselect -non-attributable audit events. +Set the given process's audit selection masks for both +success and failure. .It Dv A_SETFSIZE -Return the maximum and default size of the audit file. +Set the maximum size of the audit log file. .It Dv A_SETKAUDIT -Toggle kernel event auditing to enable/disable. +Return +.Er ENOSYS . .It Dv A_GETCLASS Return the event to class mapping for the designated audit event. -The preselection class mask will be returned as well. .It Dv A_GETKAUDIT Return .Er ENOSYS . @@ -95,7 +110,8 @@ .It Dv A_GETPINFO_ADDR Return .Er ENOSYS . -A_GETKMASK +.It Dv A_GETKMASK +Return the current kernel preselection mask for non-attributable mask. .It Dv A_GETPOLICY Get the current audit policy flags. .It Dv A_GETQCTRL @@ -103,12 +119,21 @@ .It Dv A_SETQCTRL Set the kernel audit queue control parameters. .It Dv A_GETCWD -Return the current working directory as stored in the audit subsystem. +.\" [COMMENTED OUT]: Valid description, not yet implemented. +.\" Return the current working directory as stored in the audit subsystem. +Return +.Er ENOSYS . .It Dv A_GETCAR -Stores and returns the current active root as stored in the audit -subsystem. +.\" [COMMENTED OUT]: Valid description, not yet implemented. +.\"Stores and returns the current active root as stored in the audit +.\"subsystem. +Return +.Er ENOSYS . .It Dv A_GETSTAT -Return the statistics stored in the audit system. +.\" [COMMENTED OUT]: Valid description, not yet implemented. +.\"Return the statistics stored in the audit system. +Return +.Er ENOSYS . .It Dv A_GETCOND Return .Er ENOSYS . @@ -120,6 +145,8 @@ .Fn auditon function will fail if: .Bl -tag -width Er +.It Bq Er ENOSYS +Returned by options not yet implemented. .It Bq Er EFAULT A failure occurred while data transferred to or from the kernel failed.