PERFORCE change 73936 for review

Tom Rhodes trhodes at FreeBSD.org
Sun Mar 27 21:40:16 GMT 2005 

http://perforce.freebsd.org/chv.cgi?CH=73936

Change 73936 by trhodes at trhodes_local on 2005/03/27 21:39:43

	Update with comments provided by Wayne.

Affected files ...

.. //depot/projects/trustedbsd/audit3/lib/libc/sys/auditon.2#2 edit

Differences ...

==== //depot/projects/trustedbsd/audit3/lib/libc/sys/auditon.2#2 (text+ko) ====

@@ -25,7 +25,7 @@
 .\" $FreeBSD$
 .\"
 .Dd February 17, 2005
-.Dt AUDIT 2
+.Dt AUDITON 2
 .Os
 .Sh NAME
 .Nm auditon
@@ -34,7 +34,7 @@
 .Lb bsm
 .Sh SYNOPSIS
 .In sys/param.h
-.In libbsm/audit.h
+.In bsm/audit.h
 .Ft int
 .Fn auditon "struct thread *td, struct auditon_args *uap"
 .Sh DESCRIPTION
@@ -49,6 +49,21 @@
 .Bl -tag -width ".It Dv A_GETPINFO_ADDR"
 .It Dv A_SETPOLICY
 Set audit policy flags.
+Currently, only
+.Dv AUDIT_CNT
+and
+.Dv AUDIT_AHLT
+are implemented.
+In the
+.Dv AUDIT_CNT
+case, the action will continue regardless if
+an event will not be audited.
+In the
+.Dv AUDIT_AHLT
+case, a
+.Xr panic 9
+will result if an event will not be written to the
+audit log file.
 .It Dv A_SETKAUDIT
 Return
 .Er ENOSYS .
@@ -77,15 +92,15 @@
 .It Dv A_SETCLASS
 Set the event class preselection mask for the designated audit event.
 .It Dv A_SETPMASK
-Set the default kernel preselection mask, this is used to preselect
-non-attributable audit events.
+Set the given process's audit selection masks for both
+success and failure.
 .It Dv A_SETFSIZE
-Return the maximum and default size of the audit file.
+Set the maximum size of the audit log file.
 .It Dv A_SETKAUDIT
-Toggle kernel event auditing to enable/disable.
+Return
+.Er ENOSYS .
 .It Dv A_GETCLASS
 Return the event to class mapping for the designated audit event.
-The preselection class mask will be returned as well.
 .It Dv A_GETKAUDIT
 Return
 .Er ENOSYS .
@@ -95,7 +110,8 @@
 .It Dv A_GETPINFO_ADDR
 Return
 .Er ENOSYS .
-A_GETKMASK
+.It Dv A_GETKMASK
+Return the current kernel preselection mask for non-attributable mask.
 .It Dv A_GETPOLICY
 Get the current audit policy flags.
 .It Dv A_GETQCTRL
@@ -103,12 +119,21 @@
 .It Dv A_SETQCTRL
 Set the kernel audit queue control parameters.
 .It Dv A_GETCWD
-Return the current working directory as stored in the audit subsystem.
+.\" [COMMENTED OUT]: Valid description, not yet implemented.
+.\" Return the current working directory as stored in the audit subsystem.
+Return
+.Er ENOSYS .
 .It Dv A_GETCAR
-Stores and returns the current active root as stored in the audit
-subsystem.
+.\" [COMMENTED OUT]: Valid description, not yet implemented.
+.\"Stores and returns the current active root as stored in the audit
+.\"subsystem.
+Return
+.Er ENOSYS .
 .It Dv A_GETSTAT
-Return the statistics stored in the audit system.
+.\" [COMMENTED OUT]: Valid description, not yet implemented.
+.\"Return the statistics stored in the audit system.
+Return
+.Er ENOSYS .
 .It Dv A_GETCOND
 Return
 .Er ENOSYS .
@@ -120,6 +145,8 @@
 .Fn auditon
 function will fail if:
 .Bl -tag -width Er
+.It Bq Er ENOSYS
+Returned by options not yet implemented.
 .It Bq Er EFAULT
 A failure occurred while data transferred to or from
 the kernel failed.
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-cvs" in the body of the message

More information about the trustedbsd-cvs mailing list