Museum

Home

Lab Overview

Retrotechnology Articles

Online Manuals

⇒ audit(5) — UnixWare 2.01

Media Vault

Software Library

Restoration Projects

Artifacts Sought

Related Articles

auditevt(2)






       audit(5)                                                    audit(5)


       NAME
             audit - include file for audit event mechanism definitions

       SYNOPSIS
             #include <sys/audit.h>

       DESCRIPTION
             This header file includes information necessary to use the
             audit feature.  It contains macros useful for manipulating the
             auditable event bit mask (emask), and the event mask bit
             permissions.  This information is necessary to properly set
             and interpret the event bit mask used with the auditevt(2)
             system call.

             /* return >1 if event e is to be audited in emask E, 0 otherwise. */
             #define EVENTCHK(e,E) (((unsigned int)0x80000000 >> ((e)&0x1F)) & (E)[(e)>>5])
             /* set the event in the event vector to 1 (= to be audited) */
             #define EVENTADD(e,E) (E)[(e)>>5] |= ((unsigned int)0x80000000 >> ((e)&0x1F))
             /* set the event in the event vector to 0 (= NOT to be audited) */
             #define EVENTDEL(e,E) (E)[(e)>>5] &= ~((unsigned int)0x80000000 >> ((e)&0x1F))
             /* Audit event mask bit positions */
                     /* SVR4.1 ES */
             #define ADT_NULL                0
             #define ADT_ACCESS              1       /* access(2)      */
             #define ADT_ACCT_OFF            2       /* sysacct(2)     */
             #define ADT_ACCT_ON             3       /* sysacct(2)     */
             #define ADT_ACCT_SW             4       /* sysacct(2)     */
             #define ADT_ADD_GRP             5       /* groupadd(1M)   */
             #define ADT_ADD_USR             6       /* useradd(1M)  */
             #define ADT_ADD_USR_GRP         7       /* addgrpmem(1M)  */
             #define ADT_ASSIGN_LID          8       /* lvlname(1M)    */
             #define ADT_ASSIGN_NM           9       /* lvlname(1M)    */
             #define ADT_AUDIT_BUF           10      /* auditbuf(2)    */
             #define ADT_AUDIT_CTL           11      /* auditctl(2)    */
             #define ADT_AUDIT_DMP           12      /* auditdmp(2)    */
             #define ADT_AUDIT_EVT           13      /* auditevt(2)    */
             #define ADT_AUDIT_LOG           14      /* auditlog(2)    */
             #define ADT_AUDIT_MAP           15      /* auditmap(1M)   */
             #define ADT_BAD_AUTH            16      /* bad passwd     */
             #define ADT_BAD_LVL             17      /* bad login lvl  */
             #define ADT_CANCEL_JOB          18      /* lp             */
             #define ADT_CHG_DIR             19      /* chg_dir        */
             #define ADT_CHG_NM              20      /* rename(2)      */
             #define ADT_CHG_ROOT            21      /* chroot(2)      */
             #define ADT_CHG_TIMES           22      /* utime(2)       */
             #define ADT_COV_CHAN_1          23      /* covert channel */


                           Copyright 1994 Novell, Inc.               Page 1













      audit(5)                                                    audit(5)


            #define ADT_COV_CHAN_2          24      /* covert channel */
            #define ADT_COV_CHAN_3          25      /* covert channel */
            #define ADT_COV_CHAN_4          26      /* covert channel */
            #define ADT_COV_CHAN_5          27      /* covert channel */
            #define ADT_COV_CHAN_6          28      /* covert channel */
            #define ADT_COV_CHAN_7          29      /* covert channel */
            #define ADT_COV_CHAN_8          30      /* covert channel */
            #define ADT_CREATE              31      /* creat(2)       */
            #define ADT_CRON                32      /* cron(1M)       */
            #define ADT_DAC_MODE            33      /* chmod(2)       */
            #define ADT_DAC_OWN_GRP         34      /* chown(2)       */
            #define ADT_DATE                35      /* stime(2) adj_time(2) */
            #define ADT_DEACTIVATE_LID      36      /* lvldelete(1M)  */
            #define ADT_DEF_LVL             37      /* login level    */
            #define ADT_DEL_NM              38      /* lvldelete(1M)  */
            #define ADT_DISP_ATTR           39      /* devstat(2) fdevstat(2) */
            #define ADT_EXEC                40      /* exec(2)        */
            #define ADT_EXIT                41      /* exit(2)        */
            #define ADT_FCNTL               42      /* fcntl(2)       */
            #define ADT_FILE_ACL            43      /* acl(2)         */
            #define ADT_FILE_LVL            44      /* lvl_file(2)    */
            #define ADT_FILE_PRIV           45      /* filepriv(2)    */
            #define ADT_FORK                46      /* fork(2)        */
            #define ADT_INIT                47      /* init(1M)       */
            #define ADT_IOCNTL              48      /* ioctl(2)       */
            #define ADT_IPC_ACL             49      /* aclipc(2)      */
            #define ADT_KILL                50      /* kill(2)        */
            #define ADT_LINK                51      /* link(2)        */
            #define ADT_LOGIN               52      /* success login  */
            #define ADT_LP_ADMIN            53      /* lp             */
            #define ADT_LP_MISC             54      /* lp misc        */
            #define ADT_MISC                55      /* miscellaneous  */
            #define ADT_MK_DIR              56      /* mkdir(2)       */
            #define ADT_MK_MLD              57      /* mkmld(2)       */
            #define ADT_MK_NODE             58      /* mknod(2)       */
            #define ADT_MOD_GRP             59      /* groupmod(1M)   */
            #define ADT_MOD_USR             60      /* usermod(1M)  */
            #define ADT_MOUNT               61      /* mount(2) umount(2) */
            #define ADT_MSG_CTL             62      /* IPC message controls   */
            #define ADT_MSG_GET             63      /* IPC message gets       */
            #define ADT_MSG_OP              64      /* IPC message operations */
            #define ADT_OPEN_RD             65      /* open(2) RD_ONLY        */
            #define ADT_OPEN_WR             66      /* open(2) WR_ONLY or RDWR*/
            #define ADT_PAGE_LVL            67      /* printer page  level    */
            #define ADT_PASSWD              68      /* passwd(1)    */
            #define ADT_PIPE                69      /* pipe(2)      */


                          Copyright 1994 Novell, Inc.               Page 2













       audit(5)                                                    audit(5)


             #define ADT_PM_DENIED           70      /* adt_priv()   */
             #define ADT_PROC_LVL            71      /* lvlproc(2)   */
             #define ADT_PRT_JOB             72      /* printer job  */
             #define ADT_PRT_LVL             73      /* printer level*/
             #define ADT_RECVFD              74      /* receive FD   */
             #define ADT_RM_DIR              75      /* rmdir(2)     */
             #define ADT_SCHED_LK            76      /* priocntl(2)  */
             #define ADT_SCHED_RT            77      /* priocntl(2)  */
             #define ADT_SCHED_TS            78      /* priocntl(2)  */
             #define ADT_SEM_CTL             79      /* IPC semaphore controls   */
             #define ADT_SEM_GET             80      /* IPC semaphore gets       */
             #define ADT_SEM_OP              81      /* IPC semaphore operations */
             #define ADT_SET_ATTR            82      /* devstat(2) fdevstat(2)   */
             #define ADT_SET_GID             83      /* setgid(2)    */
             #define ADT_SET_GRPS            84      /* setgroups(2) */
             #define ADT_SET_LVL_RNG         85      /* lvlvfs(2)    */
             #define ADT_SET_PGRPS           86      /* setpgrp(2),setpgid(2) */
             #define ADT_SET_SID             87      /* setsid(2)   */
             #define ADT_SET_UID             88      /* setuid(2)    */
             #define ADT_SETRLIMIT           89      /* setrlimit(2) */
             #define ADT_SHM_CTL             90      /* IPC shared-memory controls   */
             #define ADT_SHM_GET             91      /* IPC shared-memory gets       */
             #define ADT_SHM_OP              92      /* IPC shared-memory operations */
             #define ADT_STATUS              93      /* stat(2)      */
             #define ADT_SYM_CREATE          94      /* symlink(2)   */
             #define ADT_SYM_STATUS          95      /* symlink(2)   */
             #define ADT_TFADMIN             96      /* tfadmin(1M)  */
             #define ADT_TRUNC_LVL           97      /* lp           */
             #define ADT_ULIMIT              98      /* ulimit(2)    */
             #define ADT_UMOUNT              99      /* umount(2)    */
             #define ADT_UNLINK              100     /* unlink(2)    */
                     /* SVR4.2 */
             #define ADT_MODPATH             101     /* modpath(2)   */
             #define ADT_MODADM              102     /* modadm(2)    */
             #define ADT_MODLOAD             103     /* adt_modload()*/
             #define ADT_MODULOAD            104     /* adt_moduload()*/
                     /* SVR4.2MP */
             #define ADT_LWP_CREATE          105     /* _lwp_create(2) */
             #define ADT_LWP_BIND            106     /* processor_bind(2) */
             #define ADT_LWP_UNBIND          107     /* processor_bind(1) */
             #define ADT_ONLINE              108     /* online(2) */
             #define ADT_LOGOFF              109     /* ttymon(1) */
             #define ADT_SCHED_FC            110     /* priocntl(2) */
             #define ADT_LWP_EXIT            111     /* _lwp_exit(2) */
             #define ADT_LWP_KILL            112     /* _lwp_kill(2) */
             #define ADT_KEYCTL              113     /* keyctl(2) */


                           Copyright 1994 Novell, Inc.               Page 3













      audit(5)                                                    audit(5)


            #define ADT_SCHED_FP ADT_SCHED_RT

      REFERENCES
            auditevt(2)












































                          Copyright 1994 Novell, Inc.               Page 4








Typewritten Software • bear@typewritten.org • Edmonds, WA 98026