Museum

Home

Lab Overview

Retrotechnology Articles

Online Manuals

⇒ getaeent(3A) — Motorola System V 88k Release 4 Version 4.3

Media Vault

Software Library

Restoration Projects

Artifacts Sought

Related Articles

aueventmgmt(1M)

auevent(4)

getaeent(3A)  —  MISC. REFERENCE MANUAL PAGES

NAME

getaeent, getaeeid, getaenam, setaeent, endaeent, fgetaeent − gets audit event type entry

SYNOPSIS

#include <auevent.h>
#include <stdio.h>
 struct auevent ∗getaeent ()
 struct auevent ∗getaeeid (eid)
int eid;
 struct auevent ∗getaenam (name)
char ∗name;
 int setaeent ()
 void endaeent ()
 struct auevent ∗fgetaeent (f)
FILE ∗f;
 

DESCRIPTION

getaeent, getaeeid, and getaenam each return a pointer to an object with the auevent  structure containing the fields of a line in the /var/security/auevent file.  Each line in the file corresponds to an auevent structure, declared in the <auevent.h> header file:

 struct  auevent
 {
intae_eid;
char∗ae_name;
char∗ae_desc;
 };

The fields have the meanings defined in auevent(4). 

getaeent, when first called, returns a pointer to the first auevent structure in the file.  Thereafter, it returns a pointer to the next auevent structure in the file, so successive calls can be used to search the entire file. 

getaeeid searches from the beginning of the file until a numerical audit event type ID matching eid is found and returns a pointer to the particular structure in which it was found. 

getaenam searches from the beginning of the file until an audit event name matching name is found and returns a pointer to the particular structure in which it was found. 

If an end-of-file or an error is encountered on reading, the three preceding functions will return a NULL pointer. 

If the audit event file is already open, a call to setaeent will have the effect of rewinding the audit event file to allow repeated searches.  Otherwise, setaeent will open the audit event file. 

endaeent is called to close the audit event file when processing is complete. 

fgetaeent returns a pointer to the next auevent structure that matches the format of /var/security/auevent in the stream f. 

Lines in the audit event file that are blank or begin with a pound character (#) are ignored. 

Except for endaeent, these functions all require super-user privilege. 

FILES

/var/security/aueventaudit event file

SEE ALSO

aueventmgmt(1M), auevent(4)

DIAGNOSTICS

A NULL pointer is returned on EOF or error, execpt for setaeent which returns -1 on error. 

WARNINGS

The above routines use <stdio.h>, which causes them to increase the size of programs more than might be expected if the programs do not otherwise use standard I/O. 

All information is contained in a static area, so it must be copied if it is to be saved. 

(Security Enhancement)

Typewritten Software • bear@typewritten.org • Edmonds, WA 98026