Security and Auditing Library Functions au_to(3BSM)
NAME
au_to, au_to_arg, au_to_arg32, au_to_arg64, au_to_attr,
au_to_cmd, au_to_data, au_to_groups, au_to_in_addr,
au_to_ipc, au_to_iport, au_to_me, au_to_newgroups,
au_to_opaque, au_to_path, au_to_process, au_to_process_ex,
au_to_return, au_to_return32, au_to_return64, au_to_socket,
au_to_subject, au_to_subject_ex, au_to_text - create audit
record tokensSYNOPSIS
cc [ flag... ] file... -lbsm -lsocket -lnsl [ library... ]
#include
#include
#include
#include
token_t *au_to_arg(char n, char *text, uint32_t v);
token_t *au_to_arg32(char n, char *text, uint32_t v);
token_t *au_to_arg64(char n, char *text, uint64_t v);
token_t *au_to_attr(struct vattr *attr);
token_t *au_to_cmd(uint_t argc, char **argv, char **envp);
token_t *au_to_data(char unit_print, char unit_type, char unit_count,
char *p);token_t *au_to_groups(int *groups);
token_t *au_to_in_addr(struct in_addr *internet_addr);
token_t *au_to_ipc(char type, int id);
token_t *au_to_iport(u_short_t iport);
token_t *au_to_me(void);
token_t *au_to_newgroups(int n, gid_t *groups);
SunOS 5.11 Last change: 30 Mar 2010 1
Security and Auditing Library Functions au_to(3BSM)
token_t *au_to_opaque(char *data, short bytes);
token_t *au_to_path(char *path);
token_t *au_to_process(au_id_t auid, uid_t euid, gid_t egid,
uid_t ruid, gid_t rgid, pid_t pid, au_asid_t sid, au_tid_t *tid);
token_t *au_to_process_ex(au_id_t auid, uid_t euid, gid_t egid,
uid_t ruid, gid_t rgid, pid_t pid, au_asid_t sid, au_tid_addr_t *tid);
token_t *au_to_return(char number, uin32t_t value);
token_t *au_to_return32(char number, uin32t_t value);
token_t *au_to_return64(char number, uin64t_t value);
token_t *au_to_socket(struct oldsocket *so);
token_t *au_to_subject(au_id_t auid, uid_t euid, gid_t egid,
uid_t ruid, gid_t rgid, pid_t pid, au_asid_t sid, au_tid_t *tid);
token_t *au_to_subject_ex(au_id_t auid, uid_t euid, gid_t egid,
uid_t ruid, gid_t rgid, pid_t pid, au_asid_t sid, au_tid_addr_t *tid);
token_t *au_to_text(char *text);
DESCRIPTION
The au_to_arg(), au_to_arg32(), and au_to_arg64() functions
format the data in v into an "argument token". The n argu-
ment indicates the argument number. The text argument is anull-terminated string describing the argument.
The au_to_attr() function formats the data pointed to by
attr into a "vnode attribute token".The au_to_cmd() function formats the data pointed to by argv
into a "command token". A command token reflects a command and its parameters as entered. For example, the pfexec(1)utility uses au_to_cmd() to record the command and arguments
SunOS 5.11 Last change: 30 Mar 2010 2
Security and Auditing Library Functions au_to(3BSM)
it reads from the command line.The au_to_data() function formats the data pointed to by p
into an "arbitrary data token". The unit_print parameter
determines the preferred display base of the data and is oneof AUP_BINARY, AUP_OCTAL, AUP_DECIMAL, AUP_HEX, or
AUP_STRING. The unit_type parameter defines the basic unit
of data and is one of AUR_BYTE, AUR_CHAR, AUR_SHORT,
AUR_INT, or AUR_LONG. The unit_count parameter specifies
the number of basic data units to be used and must be posi-
tive.The au_to_groups() function formats the array of 16 integers
pointed to by groups into a "groups token". Theau_to_newgroups() function (see below) should be used in
place of this function.The au_to_in_addr() function formats the data pointed to by
internet_addr into an "internet address token".
The au_to_ipc() function formats the data in the id parame-
ter into an "interprocess communications ID token".The au_to_iport() function formats the data pointed to by
iport into an "ip port address token".The au_to_me() function collects audit information from the
current process and creates a "subject token" by callingau_to_subject().
The au_to_newgroups() function formats the array of n
integers pointed to by groups into a "newgroups token". Thisfunction should be used in place of au_to_groups().
The au_to_opaque() function formats the bytes bytes pointed
to by data into an "opaque token". The value of size must be positive.The au_to_path() function formats the path name pointed to
by path into a ``path token.''SunOS 5.11 Last change: 30 Mar 2010 3
Security and Auditing Library Functions au_to(3BSM)
The au_to_process() function formats an auid (audit user
ID), an euid (effective user ID), an egid (effective group ID), a ruid (real user ID), a rgid (real group ID), a pid (process ID), an sid (audit session ID), and a tid (audit terminal ID containing an IPv4 IP address), into a "process token". A process token should be used when the process is the object of an action (ie. when the process is thereceiver of a signal). The au_to_process_ex() function (see
below) should be used in place of this function.The au_to_process_ex() function formats an auid (audit user
ID), an euid (effective user ID), an egid (effective group ID), a ruid (real user ID), a rgid (real group ID), a pid (process ID), an sid (audit session ID), and a tid (audit terminal ID containing an IPv4 or IPv6 IP address), into a "process token". A process token should be used when theprocess is the object of an action (that is, when the pro-
cess is the receiver of a signal). This function should beused in place of au_to_process().
The au_to_return(), au_to_return32(), and au_to_return64()
functions format an error number number and a return value value into a "return value token".The au_to_socket() function format the data pointed to by so
into a ``socket token.''The au_to_subject() function formats an auid (audit user
ID), an euid (effective user ID), an egid (effective group ID), a ruid (real user ID), an rgid (real group ID), a pid(process ID), an sid (audit session ID), an tid (audit ter-
minal ID containing an IPv4 IP address), into a "subjecttoken". The au_to_subject_ex() function (see below) should
be used in place of this function.The au_to_subject_ex() function formats an auid (audit user
ID), an euid (effective user ID), an egid (effective group ID), a ruid (real user ID), an rgid (real group ID), a pid(process ID), an sid (audit session ID), an tid (audit ter-
minal ID containing an IPv4 or IPv6 IP address), into a "subject token". This function should be used in place ofau_to_subject().
The au_to_text() function formats the null-terminated string
pointed to by text into a "text token".SunOS 5.11 Last change: 30 Mar 2010 4
Security and Auditing Library Functions au_to(3BSM)
RETURN VALUES
These functions return NULL if memory cannot be allocated to put the resultant token into, or if an error in the input is detected.ATTRIBUTES
See attributes(5) for a description of the following attri-
butes:____________________________________________________________
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
|_____________________________|_____________________________|
| Interface Stability | Committed ||_____________________________|_____________________________|
| MT-Level | MT-Safe |
|_____________________________|_____________________________|
SEE ALSO
au_open(3BSM), attributes(5)
SunOS 5.11 Last change: 30 Mar 2010 5