From df5afa4fcd9725380f94ca6476248d4cc24f889a Mon Sep 17 00:00:00 2001 From: Ashlee Young Date: Sun, 29 Nov 2015 08:22:13 -0800 Subject: v2.4.4 audit sources Change-Id: I9315a7408817db51edf084fb4d27fbb492785084 Signed-off-by: Ashlee Young --- framework/src/audit/docs/audit_log_user_command.3 | 37 +++++++++++++++++++++++ 1 file changed, 37 insertions(+) create mode 100644 framework/src/audit/docs/audit_log_user_command.3 (limited to 'framework/src/audit/docs/audit_log_user_command.3') diff --git a/framework/src/audit/docs/audit_log_user_command.3 b/framework/src/audit/docs/audit_log_user_command.3 new file mode 100644 index 00000000..39e67560 --- /dev/null +++ b/framework/src/audit/docs/audit_log_user_command.3 @@ -0,0 +1,37 @@ +.TH "AUDIT_LOG_USER_COMMAND" "3" "Feb 2007" "Red Hat" "Linux Audit API" +.SH NAME +audit_log_user_command \- log a user command +.SH SYNOPSIS +.B #include +.sp +.B int audit_log_user_command(int audit_fd, int type, const char *command, const char *tty, int result); + +.SH DESCRIPTION +This function will log a command to the audit system using a predefined message format. It encodes the command as the audit system expects for untrusted strings. This function should be used by all apps need to record commands. The function parameters are as follows: + +.nf +audit_fd - The fd returned by audit_open +type - type of message, ex: AUDIT_USYS_CONFIG, AUDIT_USER_LOGIN +command - the command being logged +tty - The tty of the user, if NULL will attempt to figure out +result - 1 is "success" and 0 is "failed" +.fi + +.SH "RETURN VALUE" + +It returns the sequence number which is > 0 on success or <= 0 on error. + +.SH "ERRORS" + +This function returns \-1 on failure. Examine errno for more info. + +.SH "SEE ALSO" + +.BR audit_log_user_message (3), +.BR audit_log_user_comm_message (3), +.BR audit_log_acct_message (3), +.BR audit_log_user_avc_message (3), +.BR audit_log_semanage_message (3). + +.SH AUTHOR +Steve Grubb -- cgit 1.2.3-korg