auditsys
Purpose
Gets and sets the audit state of the system.
Syntax
#include <sys/audit.h>
int auditsys (cmd, gevents, sevents)
int cmd;
char **gevents[ ], **sevents[ ];
Description
The auditsys system call writes the audit events given by
the gevents parameter (general user events) and the
sevents parameter (special user events) when the cmd
parameter is A_SET, and reads those audit events when the
cmd parameter is A_GET. The /etc/security/audit/a_event
file defines the valid event names (see "a_event").
Parameters gevents and sevents are either pointers to
arrays of character pointers, or pointers to pointers to
pointers to characters. For A_SET, the caller of
auditsys must allocate space to these parameters and set
their contents. For A_GET, the caller of auditsys should
use a (char ***) and not preallocate space to these
parameters. The (char ***) here is simply a pointer to
an argv data structure.
The effective user ID of the calling process must be
superuser to use the auditsys system call.
Return Value
Upon successful completion, the auditsys system call
returns a value of 0. If auditsys fails, a value of -1
is returned and errno is set to indicate the error.
Diagnostics
The auditsys system call fails if one or more of the fol-
lowing are true:
EACCES The desired events cannot be read by A_GET or
written by A_SET.
EFAULT The gevents or sevents parameter points to a
location outside the address space allocated
to the process.
EINVAL The cmd parameter is neither A_GET nor A_SET.
EPERM The effective user ID of the calling process
is not superuser.
Related Information
In this book: "audit," "auditlog," and "auditproc."
The audit command in the AIX Operating System Commands
Reference.