The getauuserent(), getauusernam(), getauuserent_r(), and getauusernam_r() functions each return an audit_user entry. Entries can come from any of the sources specified in the /etc/nsswitch.conf file (see nsswitch.conf(4)).
The getauusernam() and getauusernam_r() functions search for an audit_user entry with a given login name name.
The getauuserent() and getauuserent_r() functions enumerate audit_user entries; successive calls to these functions will return either successive audit_user entries or NULL.
The setauuser() function "rewinds" to the beginning of the enumeration of audit_user entries. Calls to getauusernam() and getauusernam_r() may leave the enumeration in an indeterminate state, so setauuser() should be called before the first call to getauuserent() or getauuserent_r().
The endauuser() function may be called to indicate that audit_user processing is complete; the system may then close any open audit_user file,
deallocate storage, and so forth.
The getauuserent_r() and getauusernam_r() functions both take an argument u, which is a pointer to an au_user_ent.
This is the pointer that is returned on successful function calls.
The internal representation of an audit_user entry is an au_user_ent structure defined in <bsm/libbsm.h> with the following members:
|
char *au_name;
au_mask_t au_always;
au_mask_t au_never;
|
|