Sun Microsystems, Inc.
spacerspacer
spacer   www.sun.com docs.sun.com | | |  
spacer
black dot
   
A   B   C   D   E   F   G   H   I   J   K   L   M   N   O   P   Q   R   S   T   U   V   W   X   Y   Z
    
 
System Callsauditsvc(2)

NAME

 auditsvc - write audit log to specified file descriptor

SYNOPSIS

  
cc [ flag ... ] file... -lbsm -lsocket -lnsl -lintl [ library ... ]
#include <sys/param.h>
#include <bsm/audit.h>
int auditsvc(int fd, int limit);

DESCRIPTION

 

The auditsvc() function specifies the audit log file to the kernel. The kernel writes audit records to this file until an exceptional condition occurs and then the call returns. The fd argument is a file descriptor that identifies the audit file. Applications should open this file for writing before calling auditsvc().

The limit argument specifies the number of free blocks that must be available in the audit file system, and causes auditsvc() to return when the free disk space on the audit filesystem drops below this limit. Thus, the invoking program can take action to avoid running out of disk space.

The auditsvc() function does not return until one of the following conditions occurs:

  • The process receives a signal that is not blocked or ignored.
  • An error is encountered writing to the audit log file.
  • The minimum free space (as specified by limit), has been reached.

RETURN VALUES

 

The auditsvc() function returns only on an error.

ERRORS

 

The auditsvc() function will fail if:

EAGAIN
The descriptor referred to a stream, was marked for System V-style non-blocking I/O, and no data could be written immediately.
EBADF
The fd argument is not a valid descriptor open for writing.
EBUSY
A second process attempted to perform this call.
EFBIG
An attempt was made to write a file that exceeds the process's file size limit or the maximum file size.
EINTR
The call is forced to terminate prematurely due to the arrival of a signal whose SV_INTERRUPT bit in sv_flags is set (see sigvec(3UCB)). The signal(3C) function sets this bit for any signal it catches.
EINVAL
Auditing is disabled (see auditon(2)), or the fd argument does not refer to a file of an appropriate type (regular files are always appropriate.)
EIO
An I/O error occurred while reading from or writing to the file system.
ENOSPC
The user's quota of disk blocks on the file system containing the file has been exhausted; audit filesystem space is below the specified limit; or there is no free space remaining on the file system containing the file.
ENXIO
A hangup occurred on the stream being written to.
EPERM
The process's effective user ID is not superuser.
EWOULDBLOCK
The file was marked for 4.2 BSD-style non-blocking I/O, and no data could be written immediately.

USAGE

 

Only processes with an effective user ID of superuser can execute this call successfully.

ATTRIBUTES

 

See attributes(5) for descriptions of the following attributes:

ATTRIBUTE TYPEATTRIBUTE VALUE
Interface StabilityStable
MT-LevelMT-Safe

SEE ALSO

 

auditd(1M), bsmconv(1M), audit(2), auditon(2), sigvec(3UCB), audit.log(4), attributes(5)

NOTES

 

The functionality described in this man page is available only if the Basic Security Module (BSM) has been enabled. See bsmconv(1M) for more information.
SunOS 5.9Go To TopLast Changed 27 Aug 2001
 
      
      
Copyright 2002 Sun Microsystems, Inc. All rights reserved. Use is subject to license terms.