man.bsd.lv manual page server

Manual Page Search Parameters

AU_CLASS(3) Library Functions Manual AU_CLASS(3)

getauclassent, getauclassent_r, getauclassnam, getauclassnam_r, setauclass, endauclasslook up information from the audit_class database

library “libbsm”

#include <bsm/libbsm.h>

struct au_class_ent *
getauclassent(void);

struct au_class_ent *
getauclassent_r(struct au_class_ent *e);

struct au_class_ent *
getauclassnam(const char *name);

struct au_class_ent *
getauclassnam_r(struct au_class_ent *e, const char *name);

void
setauclass(void);

void
endauclass(void);

These interfaces may be used to look up information from the audit_class(5) database, which describes audit event classes. Audit event classes are described by struct au_class_ent.

The () function will return the next class found in the audit_class(5) database, or the first if the function has not yet been called. NULL will be returned if no further records are available.

The () function looks up a class by name. NULL will be returned if no matching class can be found.

The () function resets the iterator through the audit_class(5) database, causing the next call to getauclassent() to start again from the beginning of the file.

The () function closes the audit_class(5) database, if open.

libbsm(3), audit_class(5)

The OpenBSM implementation was created by McAfee Research, the security division of McAfee Inc., under contract to Apple Computer, Inc., in 2004. It was subsequently adopted by the TrustedBSD Project as the foundation for the OpenBSM distribution.

This software was created by Robert Watson, Wayne Salamon, and Suresh Krishnaswamy for McAfee Research, the security research division of McAfee, Inc., under contract to Apple Computer, Inc.

The Basic Security Module (BSM) interface to audit records and audit event stream format were defined by Sun Microsystems.

These routines cannot currently distinguish between an entry not being found and an error accessing the database. The implementation should be changed to return an error via errno when NULL is returned.

April 19, 2005 FreeBSD-12.0