unixdev.net


Switch to SpeakEasy.net DSL

The Modular Manual Browser

Home Page
Manual: (SunOS-5.10)
Page:
Section:
Apropos / Subsearch:
optional field

auditsvc(2)                      System Calls                      auditsvc(2)



NAME
       auditsvc - write audit log to specified file descriptor

SYNOPSIS
       cc [ flag... ] file... -lbsm -lsocket -lnsl -lintl [ library... ]
       #include <sys/param.h>
       #include <bsm/audit.h>

       int auditsvc(int fd, int limit);

DESCRIPTION
       The auditsvc() function specifies the audit log file to the kernel. The
       kernel writes audit records to this file until an exceptional condition
       occurs  and then the call returns. The fd argument is a file descriptor
       that identifies the audit file. Applications should open this file  for
       writing before calling auditsvc().

       The  limit  argument  specifies  the number of free blocks that must be
       available in the audit file system, and  causes  auditsvc()  to  return
       when  the  free  disk  space  on  the audit filesystem drops below this
       limit. Thus, the invoking program can take action to avoid running  out
       of disk space.

       The auditsvc() function does not return until one of the following con-
       ditions occurs:

         o  The process receives a signal that is not blocked or ignored.

         o  An error is encountered writing to the audit log file.

         o  The minimum free space (as specified by limit), has been reached.


RETURN VALUES
       The auditsvc() function returns only on an error.

ERRORS
       The auditsvc() function will fail if:

       EAGAIN          The descriptor referred to a  stream,  was  marked  for
                       System  V-style  non-blocking I/O, and no data could be
                       written immediately.



       EBADF           The fd argument is not  a  valid  descriptor  open  for
                       writing.



       EBUSY           A second process attempted to perform this call.



       EFBIG           An  attempt  was  made to write a file that exceeds the
                       process's file size limit or the maximum file size.



       EINTR           The call is forced to terminate prematurely due to  the
                       arrival  of a signal whose SV_INTERRUPT bit in sv_flags
                       is set  (see  sigvec(3UCB)).  The  signal(3C)  function
                       sets this bit for any signal it catches.



       EINVAL          Auditing  is disabled (see auditon(2)), or the fd argu-
                       ment does not refer to a file of  an  appropriate  type
                       (regular files are always appropriate.)



       EIO             An  I/O error occurred while reading from or writing to
                       the file system.



       ENOSPC          The user's quota of disk blocks on the file system con-
                       taining  the  file has been exhausted; audit filesystem
                       space is below the specified limit; or there is no free
                       space remaining on the file system containing the file.



       ENXIO           A hangup occurred on the stream being written to.



       EPERM           The  {PRIV_SYS_AUDIT}  privilege is not asserted in the
                       effective set of the calling process.



       EWOULDBLOCK     The file was marked for 4.2 BSD-style non-blocking I/O,
                       and no data could be written immediately.



USAGE
       Only  processes  with appropriate privileges can execute this call suc-
       cessfully.

ATTRIBUTES
       See attributes(5) for descriptions of the following attributes:


       tab()    allbox;    cw(2.750000i)|     cw(2.750000i)     lw(2.750000i)|
       lw(2.750000i).   ATTRIBUTE TYPEATTRIBUTE VALUE Interface StabilityObso-
       lete MT-LevelMT-Safe


SEE ALSO
       auditd(1M),   bsmconv(1M),    audit(2),    auditon(2),    sigvec(3UCB),
       audit.log(4), attributes(5), privileges(5)

NOTES
       The  functionality  described  on  this  manual  page  is  internal  to
       auditd(1M) and might not be supported in a future release.

       The functionality described on this man page is available only  if  the
       Basic  Security Module (BSM) has been enabled. See bsmconv(1M) for more
       information.



SunOS 5.10                        20 Jan 2003                      auditsvc(2)