setaudproc.2 (2010 09)

ManualsBrandsHP ManualsSoftwareHP-UX Manpages

setaudproc(2) setaudproc(2)

NAME

setaudproc() - controls process level auditing for the current process and its decendents

SYNOPSIS

#include <sys/audit.h>

int setaudproc(int

aﬂag);

DESCRIPTION

setaudproc() controls process level auditing for the current process and its decendents. It accom-

plishes this by setting or clearing the

u_audproc ﬂag in the u area of the calling process. When this

ﬂag is set, the system audits the process; when it is cleared, the process is not audited. This call is res-

tricted to users with the

SELFAUDIT privilege.

One of the following ﬂags must be used for aﬂag:

AUD_PROC Audit the calling process and its decendents.

AUD_CLEAR Do not audit the calling process and its decendents.

The

u_audproc ﬂag is inherited by the descendents of a process. consequently, the effect of a call to

setaudproc() is not limited to the current process, but propagates to all its decendents as well. For

example, if setaudproc() is called with the

AUD_PROC ﬂag, all subsequent audited system calls in the

current process and its descendents are audited until

setaudproc() is called with the AUD_CLEAR

ﬂag.

Further,

setaudproc() performs its action regardless of whether the user executing the process has

been selected to be audited or not. For example, if setaudproc() is called with the

AUD_PROC (or the

AUD_CLEAR) ﬂag, all subsequent audited system calls will be audited (or not audited), regardless of

whether the user executing the process has been selected for auditing or not.

Due to these features,

setaudproc() should not be used in most self-auditing applications.

audswitch() should be used (see audswitch (2)) when the objective is to suspend auditing within a pro-

cess without affecting its decendents or overriding the user selection aspect of the auditing system.

Security Restrictions

Some or all of the actions associated with this system call require the

SELFAUDIT privilege. Processes

owned by the superuser have this privilege. Processes owned by other users may have this privilege,

depending on system conﬁguration. See privileges (5) for more information about privileged access on sys-

tems that support ﬁne-grained privileges.

RETURN VALUE

Upon successful completion,

setaudproc() returns 0; otherwise, it returns −1 and sets errno to indi-

cate the error.

AUTHOR

setaudproc() was developed by HP.

Summary of content (2 pages)

PAGE 1
setaudproc(2) setaudproc(2) NAME setaudproc() - controls process level auditing for the current process and its decendents SYNOPSIS #include int setaudproc(int aflag ); DESCRIPTION setaudproc() controls process level auditing for the current process and its decendents. It accomplishes this by setting or clearing the u_audproc flag in the u area of the calling process. When this flag is set, the system audits the process; when it is cleared, the process is not audited.
PAGE 2
(Notes) A (Notes) sA 2 Hewlett-Packard Company −1− HP-UX 11i Version 3: September 2010