PERFORCE change 107327 for review
Ruslan Ermilov
ru at FreeBSD.org
Thu Oct 5 12:26:33 PDT 2006
http://perforce.freebsd.org/chv.cgi?CH=107327
Change 107327 by ru at ru_edoofus on 2006/10/05 19:25:18
Fix markup.
Affected files ...
.. //depot/projects/trustedbsd/openbsm/libbsm/au_class.3#5 edit
.. //depot/projects/trustedbsd/openbsm/libbsm/au_control.3#7 edit
.. //depot/projects/trustedbsd/openbsm/libbsm/au_event.3#6 edit
.. //depot/projects/trustedbsd/openbsm/libbsm/au_free_token.3#5 edit
.. //depot/projects/trustedbsd/openbsm/libbsm/au_io.3#4 edit
.. //depot/projects/trustedbsd/openbsm/libbsm/au_mask.3#5 edit
.. //depot/projects/trustedbsd/openbsm/libbsm/au_open.3#7 edit
.. //depot/projects/trustedbsd/openbsm/libbsm/au_token.3#10 edit
.. //depot/projects/trustedbsd/openbsm/libbsm/au_user.3#6 edit
.. //depot/projects/trustedbsd/openbsm/libbsm/audit_submit.3#10 edit
.. //depot/projects/trustedbsd/openbsm/libbsm/libbsm.3#10 edit
Differences ...
==== //depot/projects/trustedbsd/openbsm/libbsm/au_class.3#5 (text+ko) ====
@@ -23,7 +23,7 @@
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
-.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/au_class.3#4 $
+.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/au_class.3#5 $
.\"
.Dd April 19, 2005
.Dt AU_CLASS 3
@@ -35,51 +35,58 @@
.Nm getauclassnam_r ,
.Nm setauclass ,
.Nm endauclass
-.Nd "Look up information from the audit_class database"
+.Nd "look up information from the audit_class database"
.Sh LIBRARY
.Lb libbsm
.Sh SYNOPSIS
.In libbsm.h
-.Ft struct au_class_ent *
-.Fn getauclassent "void"
-.Ft struct au_class_ent *
+.Ft "struct au_class_ent *"
+.Fn getauclassent void
+.Ft "struct au_class_ent *"
.Fn getauclassent_r "struct au_class_ent *e"
-.Ft struct au_class_ent *
+.Ft "struct au_class_ent *"
.Fn getauclassnam "const char *name"
-.Ft struct au_class_ent *
+.Ft "struct au_class_ent *"
.Fn getauclassnam_r "struct au_class_ent *e" "const char *name"
.Ft void
-.Fn setauclass "void"
+.Fn setauclass void
.Ft void
-.Fn endauclass "void"
+.Fn endauclass void
.Sh DESCRIPTION
These interfaces may be used to look up information from the
.Xr audit_class 5
database, which describes audit event classes.
Audit event classes are described by
-.Vt struct au_class_ent .
+.Vt "struct au_class_ent" .
.Pp
-.Pp
+The
.Fn getauclassent
+function
will return the next class found in the
.Xr audit_class 5
database, or the first if the function has not yet been called.
.Dv NULL
will be returned if no further records are available.
.Pp
+The
.Fn getauclassnam
+function
looks up a class by name.
.Dv NULL
will be returned if no matching class can be found.
.Pp
+The
.Fn setauclass
+function
resets the iterator through the
.Xr audit_class 5
database, causing the next call to
.Fn getauclassent
to start again from the beginning of the file.
.Pp
+The
.Fn endauclass
+function
closes the
.Xr audit_class 5
database, if open.
@@ -92,8 +99,13 @@
It was subsequently adopted by the TrustedBSD Project as the foundation for
the OpenBSM distribution.
.Sh AUTHORS
-This software was created by Robert Watson, Wayne Salamon, and Suresh
-Krishnaswamy for McAfee Research, the security research division of McAfee,
+.An -nosplit
+This software was created by
+.An Robert Watson ,
+.An Wayne Salamon ,
+and
+.An Suresh Krishnaswamy
+for McAfee Research, the security research division of McAfee,
Inc., under contract to Apple Computer, Inc.
.Pp
The Basic Security Module (BSM) interface to audit records and audit event
==== //depot/projects/trustedbsd/openbsm/libbsm/au_control.3#7 (text+ko) ====
@@ -23,7 +23,7 @@
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
-.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/au_control.3#6 $
+.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/au_control.3#7 $
.\"
.Dd April 19, 2005
.Dt AU_CONTROL 3
@@ -39,15 +39,15 @@
.Nm getacpol ,
.Nm au_poltostr ,
.Nm au_strtopol
-.Nd "Look up information from the audit_control database"
+.Nd "look up information from the audit_control database"
.Sh LIBRARY
.Lb libbsm
.Sh SYNOPSIS
.In libbsm.h
.Ft void
-.Fn setac "void"
+.Fn setac void
.Ft void
-.Fn endac "void"
+.Fn endac void
.Ft int
.Fn getacdir "char *name" "int len"
.Ft int
@@ -69,64 +69,88 @@
.Xr audit_control 5
database, which contains various audit-related administrative parameters.
.Pp
+The
.Fn setac
+function
resets the database iterator to the beginning of the database; see the
-BUGS section for more information.
+.Sx BUGS
+section for more information.
.Pp
+The
.Fn sendac
+function
closes the
.Xr audit_control 5
database.
.Pp
+The
.Fn getacdir
+function
returns the name of the directory where log data is stored via the passed
character buffer
-.Va name
+.Fa name
of length
-.Va len .
+.Fa len .
.Pp
+The
.Fn getacmin
+function
returns the minimum free disk space for the audit log target file system via
the passed
-.Va min_val
+.Fa min_val
variable.
.Pp
+The
.Fn getacfilesz
-returns the audit trail rotation size in the passed size_t buffer
+function
+returns the audit trail rotation size in the passed
+.Vt size_t
+buffer
.Fa size_val .
.Pp
+The
.Fn getacflg
+function
returns the audit system flags via the the passed character buffer
-.Va auditstr
+.Fa auditstr
of length
-.Va len .
+.Fa len .
.Pp
+The
.Fn getacna
+function
returns the non-attributable flags via the passed character buffer
-.Va auditstr
+.Fa auditstr
of length
-.Va len .
+.Fa len .
.Pp
+The
.Fn getacpol
+function
returns the audit policy flags via the passed character buffer
-.Va auditstr
+.Fa auditstr
of length
-.Va len .
+.Fa len .
.Pp
+The
.Fn au_poltostr
+function
converts a numeric audit policy mask,
-.Va policy ,
-value to a string in the passed character buffer
-.Va buf
+.Fa policy ,
+to a string in the passed character buffer
+.Fa buf
of lenth
-.Va maxsize .
+.Fa maxsize .
.Pp
+The
.Fn au_strtopol
+function
converts an audit policy flags string,
-.Va polstr ,
+.Fa polstr ,
to a numeric audit policy mask returned via
-.Va policy .
+.Fa policy .
.Sh RETURN VALULES
+The
.Fn getacdir ,
.Fn getacmin ,
.Fn getacflg ,
@@ -134,11 +158,14 @@
.Fn getacpol ,
and
.Fn au_strtopol
+functions
return 0 on success, or a negative value on failure, along with error
information in
.Va errno .
.Pp
+The
.Fn au_poltostr
+function
returns a string length of 0 or more on success, or a negative value on
if there is a failure.
.Pp
@@ -153,8 +180,13 @@
It was subsequently adopted by the TrustedBSD Project as the foundation for
the OpenBSM distribution.
.Sh AUTHORS
-This software was created by Robert Watson, Wayne Salamon, and Suresh
-Krishnaswamy for McAfee Research, the security research division of McAfee,
+.An -nosplit
+This software was created by
+.An Robert Watson ,
+.An Wayne Salamon ,
+and
+.An Suresh Krishnaswamy
+for McAfee Research, the security research division of McAfee,
Inc., under contract to Apple Computer, Inc.
.Pp
The Basic Security Module (BSM) interface to audit records and audit event
==== //depot/projects/trustedbsd/openbsm/libbsm/au_event.3#6 (text+ko) ====
@@ -23,7 +23,7 @@
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
-.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/au_event.3#5 $
+.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/au_event.3#6 $
.\"
.Dd April 19, 2005
.Dt AU_EVENT 3
@@ -40,17 +40,17 @@
.Nm getauevnum_r ,
.Nm getauevnonam ,
.Nm getauevnonam_r
-.Nd "Look up information from the audit_event database"
+.Nd "look up information from the audit_event database"
.Sh LIBRARY
.Lb libbsm
.Sh SYNOPSIS
.In libbsm.h
.Ft void
-.Fn setauevent "void"
+.Fn setauevent void
.Ft void
-.Fn endauevent "void"
+.Fn endauevent void
.Ft "struct au_event_ent *"
-.Fn getauevent "void"
+.Fn getauevent void
.Ft "struct au_event_ent *"
.Fn getauevent_r "struct au_event_ent *e"
.Ft "struct au_event_ent *"
@@ -70,45 +70,55 @@
.Xr audit_event 5
database, which describes audit events.
Entries in the database are described by
-.Vt struct au_event_ent
+.Vt "struct au_event_ent"
entries, which are returned by calls to
.Fn getauevent ,
.Fn getauevnam ,
or
.Fn getauevnum .
-It is also possible look up an event number via a call to
-.Nm getauevnonam .
+It is also possible to look up an event number via a call to
+.Fn getauevnonam .
.Pp
+The
.Fn setauevent
+function
resets the database access session for
.Xr audit_event 5 ,
so that the next call to
.Fn getauevent
will start with the first entry in the database.
.Pp
+The
.Fn endauevent
+function
closes the
.Xr audit_event 5
database session.
.Pp
+The
.Fn getauevent
+function
returns a reference to the next entry in the
.Xr audit_event 5
database.
.Pp
+The
.Fn getauevnam
+function
returns a reference to the entry in the
.Xr audit_event 5
database with a name of
-.Va name .
+.Fa name .
.Pp
.Fn getauevnum
returns a reference to the entry in the
.Xr audit_event 5
database with an event number of
-.Va event_number .
+.Fa event_number .
.Pp
+The
.Fn getauevnonam
+function
returns a reference to an audit event number using the
.Xr audit_event 5
database.
@@ -123,11 +133,12 @@
and
.Fn getauevnuam
will return a reference to a
-.Ft struct au_event_ent
+.Vt "struct au_event_ent"
or
-.Ft au_event_t
+.Vt au_event_t
on success, or
-.Dv NULL on failure, with
+.Dv NULL
+on failure, with
.Va errno
set to provide further error information.
.Sh SEE ALSO
@@ -139,14 +150,21 @@
It was subsequently adopted by the TrustedBSD Project as the foundation for
the OpenBSM distribution.
.Sh AUTHORS
-This software was created by Robert Watson, Wayne Salamon, and Suresh
-Krishnaswamy for McAfee Research, the security research division of McAfee,
+.An -nosplit
+This software was created by
+.An Robert Watson ,
+.An Wayne Salamon ,
+and
+.An Suresh Krishnaswamy
+for McAfee Research, the security research division of McAfee,
Inc., under contract to Apple Computer, Inc.
.Pp
The Basic Security Module (BSM) interface to audit records and audit event
stream format were defined by Sun Microsystems.
.Sh BUGS
+The
.Va errno
+variable
is not always properly set following a failure.
.Pp
These routines are thread-safe, but not re-entrant, so simultaneous or
==== //depot/projects/trustedbsd/openbsm/libbsm/au_free_token.3#5 (text+ko) ====
@@ -27,14 +27,14 @@
.\" IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
.\" POSSIBILITY OF SUCH DAMAGE.
.\"
-.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/au_free_token.3#4 $
+.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/au_free_token.3#5 $
.\"
.Dd April 19, 2005
.Dt AU_FREE_TOKEN 3
.Os
.Sh NAME
.Nm au_free_token
-.Nd "Deallocate a token_t created by any of the au_to_*() BSM API functions"
+.Nd "deallocate a token_t created by any of the au_to_*() BSM API functions"
.Sh LIBRARY
.Lb libbsm
.Sh SYNOPSIS
@@ -48,25 +48,27 @@
However, if
.Xr au_write 3
is passed a bad audit descriptor, the
-.Vt token_t *
+.Vt "token_t *"
parameter will be left untouched.
In that case, the caller can deallocate the
.Vt token_t
using
-.Nm
+.Fn au_free_token
if desired.
.Pp
The
-.Va tok
+.Fa tok
argument is a
-.Vt token_t *
-generated by one of the au_to_*() BSM API calls.
+.Vt "token_t *"
+generated by one of the
+.Fn au_to_*
+BSM API calls.
For convenience,
-.Va tok
+.Fa tok
may be
.Dv NULL ,
in which case
-.Nm
+.Fn au_free_token
returns immediately.
.Sh IMPLEMENTATION NOTES
This is, in fact, what
@@ -82,8 +84,13 @@
It was subsequently adopted by the TrustedBSD Project as the foundation for
the OpenBSM distribution.
.Sh AUTHORS
-This software was created by Robert Watson, Wayne Salamon, and Suresh
-Krishnaswamy for McAfee Research, the security research division of McAfee,
+.An -nosplit
+This software was created by
+.An Robert Watson ,
+.An Wayne Salamon ,
+and
+.An Suresh Krishnaswamy
+for McAfee Research, the security research division of McAfee,
Inc., under contract to Apple Computer, Inc.
.Pp
The Basic Security Module (BSM) interface to audit records and audit event
==== //depot/projects/trustedbsd/openbsm/libbsm/au_io.3#4 (text+ko) ====
@@ -23,7 +23,7 @@
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
-.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/au_io.3#3 $
+.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/au_io.3#4 $
.\"
.Dd April 19, 2005
.Dt AU_IO 3
@@ -32,7 +32,7 @@
.Nm au_fetch_tok ,
.Nm au_print_tok ,
.Nm au_read_rec
-.Nd "Perform I/O involving an audit record"
+.Nd "perform I/O involving an audit record"
.Sh LIBRARY
.Lb libbsm
.Sh SYNOPSIS
@@ -48,31 +48,37 @@
internalizing an audit record from a byte stream, converting a token to
either a raw or default string, and reading a single record from a file.
.Pp
+The
.Fn au_fetch_tok
+function
reads a token from the passed buffer
-.Va buf
+.Fa buf
of length
-.Va len
+.Fa len
bytes, and returns a pointer to the token via
-.Va tok .
+.Fa tok .
.Pp
+The
.Fn au_print_tok
+function
prints a string form of the token
-.Va tok
+.Fa tok
to the file output stream
-.Va outfp,
+.Fa outfp ,
either in default mode, or raw mode if
-.Va raw
+.Fa raw
is set non-zero.
The delimiter
-.Va del
+.Fa del
is used when printing.
.Pp
+The
.Fn au_read_rec
+function
reads an audit record from the file stream
-.Va fp ,
+.Fa fp ,
and returns an allocated memory buffer containing the record via
-.Va *buf ,
+.Fa *buf ,
which must be freed by the caller using
.Xr free 3 .
.Pp
@@ -93,10 +99,12 @@
Finally, the source stream would be closed by a call to
.Xr fclose 3 .
.Sh RETURN VALUES
+The
.Fn au_fetch_tok
and
.Fn au_read_rec
-return 0 on success, or -1 on failure along with additional error information
+functions
+return 0 on success, or \-1 on failure along with additional error information
returned via
.Va errno .
.Sh SEE ALSO
@@ -108,12 +116,19 @@
It was subsequently adopted by the TrustedBSD Project as the foundation for
the OpenBSM distribution.
.Sh AUTHORS
-This software was created by Robert Watson, Wayne Salamon, and Suresh
-Krishnaswamy for McAfee Research, the security research division of McAfee,
+.An -nosplit
+This software was created by
+.An Robert Watson ,
+.An Wayne Salamon ,
+and
+.An Suresh Krishnaswamy
+for McAfee Research, the security research division of McAfee,
Inc., under contract to Apple Computer, Inc.
.Pp
The Basic Security Module (BSM) interface to audit records and audit event
stream format were defined by Sun Microsystems.
.Sh BUGS
+The
.Va errno
+variable
may not always be properly set in the event of an error.
==== //depot/projects/trustedbsd/openbsm/libbsm/au_mask.3#5 (text+ko) ====
@@ -23,7 +23,7 @@
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
-.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/au_mask.3#4 $
+.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/au_mask.3#5 $
.\"
.Dd April 19, 2005
.Dt AU_MASK 3
@@ -32,7 +32,7 @@
.Nm au_preselect ,
.Nm getauditflagsbin ,
.Nm getauditflagschar
-.Nd "Convert between string and numeric values of audit masks"
+.Nd "convert between string and numeric values of audit masks"
.Sh LIBRARY
.Lb libbsm
.Sh SYNOPSIS
@@ -49,13 +49,15 @@
including conversion between numeric and text formats, and computing whether
or not an event is matched by a mask.
.Pp
+The
.Fn au_preselect
+function
calculates whether or not the audit event passed via
-.Va event
+.Fa event
is matched by the audit mask passed via
-.Va au_mask_t .
+.Fa mask_p .
The
-.Va sorf
+.Fa sorf
argument indicates whether or not to consider the event as a success,
if the
.Dv AU_PRS_SUCCESS
@@ -63,7 +65,7 @@
.Dv AU_PRS_FAILURE
flag is set.
The
-.Va flag
+.Fa flag
argument accepts additional arguments influencing the behavior of
.Fn au_preselect ,
including
@@ -73,44 +75,49 @@
.Dv AU_PRS_USECACHE
which forces use of the cache.
.Pp
+The
.Fn getauditflagsbin
+function
converts a string representation of an audit mask passed via a character
string pointed to by
-.Va auditstr ,
+.Fa auditstr ,
returning the resulting mask, if valid, via
-.Va *masks .
+.Fa *masks .
.Pp
+The
.Fn getauditflagschar
+function
converts the audit event mask passed via
-.Va *masks
+.Fa *masks
and converts it to a character string in a buffer pointed to by
-.Va auditstr .
-See the BUGS section for more information on how to provide a buffer of
+.Fa auditstr .
+See the
+.Sx BUGS
+section for more information on how to provide a buffer of
sufficient size.
If the
-.Va verbose
+.Fa verbose
flag is set, the class description string retrieved from
.Xr audit_class 5
will be used; otherwise, the two-character class name.
.Sh IMPLEMENTATION NOTES
+The
.Fn au_preselect
+function
makes implicit use of various audit database routines, and may influence
the behavior of simultaneous or interleaved processing of those databases by
other code.
.Sh RETURN VALUES
+The
.Fn au_preselect
-returns 0 on success, or returns -1 if there is a failure looking up the
+function
+returns 0 on success, or returns \-1 if there is a failure looking up the
event type or other database access, in which case
.Va errno
will be set to indicate the error.
It returns 1 if the event is matched; 0 if not.
.Pp
-.Fn getauditflagsbin
-and
-.Fn getauditflagschar
-returns 0 on success, or -1 if there is a failure, in which case
-.Va errno
-will be set to indicate the error.
+.Rv -std getauditflagsbin getauditflagschar
.Sh SEE ALSO
.Xr libbsm 3 ,
.Xr audit_class 5
@@ -120,17 +127,26 @@
It was subsequently adopted by the TrustedBSD Project as the foundation for
the OpenBSM distribution.
.Sh AUTHORS
-This software was created by Robert Watson, Wayne Salamon, and Suresh
-Krishnaswamy for McAfee Research, the security research division of McAfee,
+.An -nosplit
+This software was created by
+.An Robert Watson ,
+.An Wayne Salamon ,
+and
+.An Suresh Krishnaswamy
+for McAfee Research, the security research division of McAfee,
Inc., under contract to Apple Computer, Inc.
.Pp
The Basic Security Module (BSM) interface to audit records and audit event
stream format were defined by Sun Microsystems.
.Sh BUGS
+The
.Va errno
+variable
may not always be properly set in the event of an error.
.Pp
+The
.Fn getauditflagschar
+function
does not provide a way to indicate how long the character buffer is, in order
to detect overflow.
As a result, the caller must always provide a buffer of sufficient length for
==== //depot/projects/trustedbsd/openbsm/libbsm/au_open.3#7 (text+ko) ====
@@ -23,7 +23,7 @@
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
-.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/au_open.3#6 $
+.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/au_open.3#7 $
.\"
.Dd March 4, 2006
.Dt AU_OPEN 3
@@ -34,13 +34,13 @@
.Nm au_close_token ,
.Nm au_open ,
.Nm au_write
-.Nd "Create and commit audit records"
+.Nd "create and commit audit records"
.Sh LIBRARY
.Lb libbsm
.Sh SYNOPSIS
.In libbsm.h
.Ft int
-.Fn au_open "void"
+.Fn au_open void
.Ft int
.Fn au_write "int d" "token_t *tok"
.Ft int
@@ -73,7 +73,7 @@
abandon the record.
In either cases, all resources associated with the record will be released.
The
-.Va keep
+.Fa keep
argument determines the behavior: a value of
.Dv AU_TO_WRITE
causes the record to be committed; a value of
@@ -81,28 +81,30 @@
causes it to be abandoned.
When the audit record is committed, a BSM header will be inserted before
tokens added to the record, using the event identifier passed via
-.Va event ,
+.Fa event ,
and a trailer added to the end.
Committing a record to the system audit log requires privilege.
.Pp
The
.Fn au_close_buffer
function writes the resulting record to an in-memory buffer of size
-.Va *buflen ;
+.Fa *buflen ;
it will write back the filled buffer length into the same variable.
The argument
-.Va short
+.Fa event
is the event identifier to use in the record header.
.Pp
The
.Fn au_close_token
function generates the BSM stream output for a single token,
-.Va tok ,
+.Fa tok ,
in the passed buffer
-.Va buffer .
+.Fa buffer .
The initial buffer size and resulting data size are passed via
-.Va *buflen .
+.Fa *buflen .
+The
.Fn au_close_token
+function
will free the token before returning.
.Sh RETURN VALUES
The function
@@ -129,8 +131,13 @@
It was subsequently adopted by the TrustedBSD Project as the foundation for
the OpenBSM distribution.
.Sh AUTHORS
-This software was created by Robert Watson, Wayne Salamon, and Suresh
-Krishnaswamy for McAfee Research, the security research division of McAfee,
+.An -nosplit
+This software was created by
+.An Robert Watson ,
+.An Wayne Salamon ,
+and
+.An Suresh Krishnaswamy
+for McAfee Research, the security research division of McAfee,
Inc., under contract to Apple Computer, Inc.
.Pp
The Basic Security Module (BSM) interface to audit records and audit event
==== //depot/projects/trustedbsd/openbsm/libbsm/au_token.3#10 (text+ko) ====
@@ -23,7 +23,7 @@
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
-.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/au_token.3#9 $
+.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/au_token.3#10 $
.\"
.Dd April 19, 2005
.Dt AU_TOKEN 3
@@ -72,103 +72,103 @@
.Nm au_to_header ,
.Nm au_to_header32 ,
.Nm au_to_header64 ,
-.Nm au_to_trailer .
-.Nd "Routines for generating BSM audit tokens"
+.Nm au_to_trailer
+.Nd "routines for generating BSM audit tokens"
.Sh LIBRARY
.Lb libbsm
.Sh SYNOPSIS
.In libbsm.h
-.Ft token_t *
+.Ft "token_t *"
.Fn au_to_arg32 "char n" "char *text" "u_int32_t v"
-.Ft token_t *
+.Ft "token_t *"
.Fn au_to_arg64 "char n" "char *text" "u_int64_t v"
-.Ft token_t *
+.Ft "token_t *"
.Fn au_to_arg "char n" "char *text" "u_int32_t v"
-.Ft token_t *
+.Ft "token_t *"
.Fn au_to_attr32 "struct vattr *attr"
-.Ft token_t *
+.Ft "token_t *"
.Fn au_to_attr64 "struct vattr *attr"
-.Ft token_t *
+.Ft "token_t *"
.Fn au_to_attr "struct vattr *attr"
-.Ft token_t *
+.Ft "token_t *"
.Fn au_to_data "char unit_print" "char unit_type" "char unit_count" "char *p"
-.Ft token_t *
+.Ft "token_t *"
.Fn au_to_exit "int retval" "int err"
-.Ft token_t *
+.Ft "token_t *"
.Fn au_to_groups "int *groups"
-.Ft token_t *
+.Ft "token_t *"
.Fn au_to_newgroups "u_int16_t n" "gid_t *groups"
-.Ft token_t *
+.Ft "token_t *"
.Fn au_to_in_addr "struct in_addr *internet_addr"
-.Ft token_t *
+.Ft "token_t *"
.Fn au_to_in_addr_ex "struct in6_addr *internet_addr"
-.Ft token_t *
+.Ft "token_t *"
.Fn au_to_ip "struct ip *ip"
-.Ft token_t *
+.Ft "token_t *"
.Fn au_to_ipc "char type" "int id"
-.Ft token_t *
+.Ft "token_t *"
.Fn au_to_ipc_perm "struct ipc_perm *perm"
-.Ft token_t *
+.Ft "token_t *"
.Fn au_to_iport "u_int16_t iport"
-.Ft token_t *
+.Ft "token_t *"
.Fn au_to_opaque "char *data" "u_int64_t bytes"
-.Ft token_t *
+.Ft "token_t *"
.Fn au_to_file "char *file" "struct timeval tm"
-.Ft token_t *
+.Ft "token_t *"
.Fn au_to_text "char *text"
-.Ft token_t *
+.Ft "token_t *"
.Fn au_to_path "char *text"
-.Ft token_t *
+.Ft "token_t *"
.Fn au_to_process32 "au_id_t auid" "uid_t euid" "gid_t egid" "uid_t ruid" "gid_t rgid" "pid_t pid" "au_asid_t sid" "au_tid_t *tid"
-.Ft token_t *
+.Ft "token_t *"
.Fn au_to_process64 "au_id_t auid" "uid_t euid" "gid_t egid" "uid_t ruid" "gid_t rgid" "pid_t pid" "au_asid_t sid" "au_tid_t *tid"
-.Ft token_t *
+.Ft "token_t *"
.Fn au_to_process32_ex "au_id_t auid" "uid_t euid" "gid_t egid" "uid_t ruid" "gid_t rgid" "pid_t pid" "au_asid_t sid" "au_tid_addr_t *tid"
-.Ft token_t *
+.Ft "token_t *"
.Fn au_to_process64_ex "au_id_t auid" "uid_t euid" "gid_t egid" "uid_t ruid" "gid_t rgid" "pid_t pid" "au_asid_t sid" "au_tid_addr_t *tid"
-.Ft token_t *
+.Ft "token_t *"
.Fn au_to_return32 "char status" "u_int32_t ret"
-.Ft token_t *
+.Ft "token_t *"
.Fn au_to_return64 "char status" "u_int64_t ret"
-.Ft token_t *
+.Ft "token_t *"
.Fn au_to_return "char status" "u_int32_t ret"
-.Ft token_t *
+.Ft "token_t *"
.Fn au_to_seq "long audit_count"
-.Ft token_t *
+.Ft "token_t *"
.Fn au_to_sock_inet32 "struct sockaddr_in *so"
-.Ft token_t *
+.Ft "token_t *"
.Fn au_to_sock_inet128 "struct sockaddr_in6 *so"
-.Ft token_t *
+.Ft "token_t *"
.Fn au_to_sock_int "struct sockaddr_in *so"
-.Ft token_t *
+.Ft "token_t *"
.Fn au_to_subject32 "au_id_t auid" "uid_t euid" "gid_t egid" "uid_t ruid" "gid_t rgid" "pid_t pid" "au_asid_t sid" "au_tid_t *tid"
-.Ft token_t *
+.Ft "token_t *"
.Fn au_to_subject64 "au_id_t auid" "uid_t euid" "gid_t egid" "uid_t ruid" "gid_t rgid" "pid_t pid" "au_asid_t sid" "au_tid_t *tid"
-.Ft token_t *
+.Ft "token_t *"
.Fn au_to_subject "au_id_t auid" "uid_t euid" "gid_t egid" "uid_t ruid" "gid_t rgid" "pid_t pid" "au_asid_t sid" "au_tid_t *tid"
-.Ft token_t *
+.Ft "token_t *"
.Fn au_to_subject32_ex "au_id_t auid" "uid_t euid" "gid_t egid" "uid_t ruid" "gid_t rgid" "pid_t pid" "au_asid_t sid" "au_tid_t *tid"
-.Ft token_t *
+.Ft "token_t *"
.Fn au_to_subject64_ex "au_id_t auid" "uid_t euid" "gid_t egid" "uid_t ruid" "gid_t rgid" "pid_t pid" "au_asid_t sid" "au_tid_addr_t *tid"
-.Ft token_t *
+.Ft "token_t *"
.Fn au_to_subject_ex "au_id_t auid" "uid_t euid" "gid_t egid" "uid_t ruid" "gid_t rgid" "pid_t pid" "au_asid_t sid" "au_tid_addr_t *tid"
-.Ft token_t *
-.Fn au_to_me "void"
-.Ft token_t *
+.Ft "token_t *"
+.Fn au_to_me void
+.Ft "token_t *"
.Fn au_to_exec_args "char **argv"
-.Ft token_t *
+.Ft "token_t *"
.Fn au_to_exec_env "char **envp"
-.Ft token_t *
+.Ft "token_t *"
.Fn au_to_header "int rec_size" "au_event_t e_type" "au_emod_t emod"
-.Ft token_t *
+.Ft "token_t *"
.Fn au_to_header32 "int rec_size" "au_event_t e_type" "au_emod_t emod"
-.Ft token_t *
+.Ft "token_t *"
.Fn au_to_header64 "int rec_size" "au_event_t e_type" "au_emod_t e_mod"
-.Ft token_t *
+.Ft "token_t *"
.Fn au_to_trailer "int rec_size"
.Sh DESCRIPTION
These interfaces support the allocation of BSM audit tokens, represented by
-.Ft token_t ,
+.Vt token_t ,
for various data types.
.Sh RETURN VALUES
On success, a pointer to a
@@ -189,10 +189,14 @@
It was subsequently adopted by the TrustedBSD Project as the foundation for
the OpenBSM distribution.
.Sh AUTHORS
-This software was created by Robert Watson, Wayne Salamon, and Suresh
-Krishnaswamy for McAfee Research, the security research division of McAfee,
+.An -nosplit
+This software was created by
+.An Robert Watson ,
+.An Wayne Salamon ,
+and
>>> TRUNCATED FOR MAIL (1000 lines) <<<
More information about the trustedbsd-cvs
mailing list