audit_dpms_api.3 (2010 09)

ManualsBrandsHP ManualsSoftwareHP-UX Manpages

audit_dpms_api(3) audit_dpms_api(3)

to store information that is shared by subsequent calls to the

audit_dpms_api()

functions.

A module argument that begins with

speciﬁes an absolute path of a DPMS service

module to load. If the module argument does not begin with /, then the DPMS ser-

vice module is assumed to reside in one of the following locations:

/usr/lib/security/

module.sl

/usr/lib/security/pa20_64/

module.sl

/usr/lib/security/hpux32/

module.so

/usr/lib/security/hpux64/

module.so

where module is the name of the DPMS service module.

The stream_type argument describes the stream argument. In other words,

stream_type describes the type of stream to be used for reading or writing audit

data. The different values for the stream_type argument are as follows:

AUDIT_DPMS_FILE_STREAM

The stream is an opened stream (FILE *).

AUDIT_DPMS_FD The stream is an opened ﬁle descriptor.

AUDIT_DPMS_PATH The stream is a ﬁle path.

The options argument is described in the Options section below.

The version argument indicates which version of

<audit_dpms_*.h>

header ﬁles

were used for compilation. The value of the version argument must be

AUDIT_DPMS_VERSION

audit_dpms_end()

This function is called after use of a DPMS service module has been completed, to

free allocated resources and unload the module. The dpmh argument must be the

value returned from a previous call to audit_dpms_start()

audit_dpms_read_event()

Reads audit data from a module and source determined from information in the

handle speciﬁed by the dpmh argument. audit_dpms_read_event()

puts that

audit data into data structures supplied in the origin , header , subject , object ,

details , and buffer arguments. The buffer argument points to a buffer for storing all

strings referenced by the information returned in the header, subject , object , and

details structures. This buffer must be at least

AUDIT_DPMS_BUFFER_SIZE

bytes. The dpmh argument must be the value returned from a previous call to

audit_dpms_start()

audit_dpms_write_event()

Writes the audit data from the data structures supplied in the origin , header, sub-

ject , object , details , and buffer arguments.

audit_dpms_write_event()

writes the audit data to a module and destination determined from information in

the handle speciﬁed by the dpmh argument. The dpmh argument must be the

value returned from a previous call to audit_dpms_start().

audit_dpms_register_filter()

Registers one or more audit ﬁlters deﬁned in a ﬁle speciﬁed by the ﬁlepath argu-

ment. A ﬁlter affects the reading or writing of audit information by

audit_dpms_read_event() and audit_dpms_write_event()

. The

grammar of the ﬁlter ﬁle is described in the audit_dpms_ﬁlter (4) manpage.

audit_dpms_register_filter() can be called multiple times to register

more ﬁlters. The dpmh argument must be the value returned from a previous call

to audit_dpms_start().

Options

The

audit_dpms_start() options argument is a string consisting of a list of options (case insensitive)

separated by spaces. For example, "read silent" . Also refer to the manpages of the individual

DPMS service modules for additional module speciﬁc options and restrictions.

The following options are supported by

audit_dpms_start():

2 Hewlett-Packard Company − 2 − HP-UX 11i Version 3: September 2010