From owner-p4-projects@FreeBSD.ORG Tue Jul 8 18:56:02 2008 Return-Path: Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id 5C11C106567F; Tue, 8 Jul 2008 18:56:02 +0000 (UTC) Delivered-To: perforce@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 1F8411065674 for ; Tue, 8 Jul 2008 18:56:02 +0000 (UTC) (envelope-from sson@FreeBSD.org) Received: from repoman.freebsd.org (repoman.freebsd.org [IPv6:2001:4f8:fff6::29]) by mx1.freebsd.org (Postfix) with ESMTP id 0E05D8FC1F for ; Tue, 8 Jul 2008 18:56:02 +0000 (UTC) (envelope-from sson@FreeBSD.org) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.14.1/8.14.1) with ESMTP id m68Iu1vn002213 for ; Tue, 8 Jul 2008 18:56:01 GMT (envelope-from sson@FreeBSD.org) Received: (from perforce@localhost) by repoman.freebsd.org (8.14.2/8.14.1/Submit) id m68Iu1u5002211 for perforce@freebsd.org; Tue, 8 Jul 2008 18:56:01 GMT (envelope-from sson@FreeBSD.org) Date: Tue, 8 Jul 2008 18:56:01 GMT Message-Id: <200807081856.m68Iu1u5002211@repoman.freebsd.org> X-Authentication-Warning: repoman.freebsd.org: perforce set sender to sson@FreeBSD.org using -f From: Stacey Son To: Perforce Change Reviews Cc: Subject: PERFORCE change 144903 for review X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 08 Jul 2008 18:56:02 -0000 http://perforce.freebsd.org/chv.cgi?CH=144903 Change 144903 by sson@sson_amd64 on 2008/07/08 18:55:23 Added additional detail concerning API. Affected files ... .. //depot/projects/trustedbsd/openbsm/man/setaudit.2#8 edit Differences ... ==== //depot/projects/trustedbsd/openbsm/man/setaudit.2#8 (text+ko) ==== @@ -23,7 +23,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $P4: //depot/projects/trustedbsd/openbsm/man/setaudit.2#7 $ +.\" $P4: //depot/projects/trustedbsd/openbsm/man/setaudit.2#8 $ .\" .Dd April 19, 2005 .Dt SETAUDIT 2 @@ -54,9 +54,113 @@ and .Fa length . .Pp +The +.Fa auditinfo_t +data structure is defined as follows: +.nf +.in +4n + +struct auditinfo { + au_id_t ai_auid; /* Audit user ID */ + au_mask_t ai_mask; /* Audit masks */ + au_tid_t ai_termid; /* Terminal ID */ + au_asid_t ai_asid; /* Audit session ID */ +}; +typedef struct auditinfo auditinfo_t; +.in +.fi +.Pp +The +.Fa ai_auid +variable contains the audit identifier which is recorded in the audit log for +each event the process caused. +.PP + +The +.Fa au_mask_t +data structure defines the bit mask for auditing successful and failed events +out of the predefined list of event classes. It is defined as follows: +.nf +.in +4n + +struct au_mask { + unsigned int am_success; /* success bits */ + unsigned int am_failure; /* failure bits */ +}; +typedef struct au_mask au_mask_t; +.in +.fi +.PP + +The +.Fa au_termid_t +data structure defines the Terminal ID recorded with every event caused by the +process. It is defined as follows: +.nf +.in +4n + +struct au_tid { + dev_t port; + u_int32_t machine; +}; +typedef struct au_tid au_tid_t; + +.in +.fi +.PP +The +.Fa ai_asid +variable contains the audit session ID which is recorded with every event +caused by the process. +.Pp +The +.Fn setaudit_addr +system call +uses the expanded +.Fa auditinfo_addr_t +data structure supports Terminal IDs with larger addresses such as those used +in IP version 6. It is defined as follows: +.nf +.in +4n + +struct auditinfo_addr { + au_id_t ai_auid; /* Audit user ID. */ + au_mask_t ai_mask; /* Audit masks. */ + au_tid_addr_t ai_termid; /* Terminal ID. */ + au_asid_t ai_asid; /* Audit session ID. */ +}; +typedef struct auditinfo_addr auditinfo_addr_t; + +.in +.fi +.Pp +The +.Fa au_tid_addr_t +data structure which includes a larger address storage field and an additional +field with the type of address stored: +.nf +.in +4n + +struct au_tid_addr { + dev_t at_port; + u_int32_t at_type; + u_int32_t at_addr[4]; +}; +typedef struct au_tid_addr au_tid_addr_t; +.in +.fi +.Pp These system calls require an appropriate privilege to complete. .Sh RETURN VALUES .Rv -std setaudit setaudit_addr +.Sh ERRORS +.Bl -tag -width Er +.It Bq Er EPERM +The caller does not possess the appropriate privileges. +.TP +.It Bq Er EFAULT/EINVAL +Invalid argument. +.El .Sh SEE ALSO .Xr audit 2 , .Xr auditon 2 ,