Mac OS X Manual Page For au

Mac Dev Center Right arrow

Mac OS X Reference Library Right arrow

General

Mac OS X Man Pages

This manual page is for Mac OS X version 10.6

If you are running a different version of Mac OS X, view the documentation locally:

In Terminal, using the man(1) command

Reading manual pages

Manual pages are intended as a quick reference for people who already understand a technology.

For more information about the manual page format, see the manual page for manpages(5).
For more information about this technology, look for other documentation in the Apple Reference Library.
For general information about writing shell scripts, read Shell Scripting Primer.


AU_IO(3)                                BSD Library Functions Manual                                AU_IO(3)

NAME
     au_fetch_tok, au_print_tok, au_read_rec -- perform I/O involving an audit record

LIBRARY
     Basic Security Module Library (libbsm, -lbsm)

SYNOPSIS
     #include <bsm/libbsm.h>

     int
     au_fetch_tok(tokenstr_t *tok, u_char *buf, int len);

     void
     au_print_tok(FILE *outfp, tokenstr_t *tok, char *del, char raw, char sfrm);

     int
     au_read_rec(FILE *fp, u_char **buf);

DESCRIPTION
     These interfaces support input and output (I/O) involving audit records, internalizing an audit record
     from a byte stream, converting a token to either a raw or default string, and reading a single record
     from a file.

     The au_fetch_tok() function reads a token from the passed buffer buf of length len bytes, and returns a
     pointer to the token via tok.

     The au_print_tok() function prints a string form of the token tok to the file output stream outfp,
     either in default mode, or raw mode if raw is set non-zero.  The delimiter del is used when printing.

     The au_read_rec() function reads an audit record from the file stream fp, and returns an allocated mem-ory memory
     ory buffer containing the record via *buf, which must be freed by the caller using free(3).

     A typical use of these routines might open a file with fopen(3), then read records from the file
     sequentially by calling au_read_rec().  Each record would be broken down into components tokens through
     sequential calls to au_fetch_tok() on the buffer, and then invoking au_print_tok() to print each token
     to an output stream such as stdout.  On completion of the processing of each record, a call to free(3)
     would be used to free the record buffer.  Finally, the source stream would be closed by a call to
     fclose(3).

RETURN VALUES
     The au_fetch_tok() and au_read_rec() functions return 0 on success, or -1 on failure along with addi-tional additional
     tional error information returned via errno.

SEE ALSO
     free(3), libbsm(3)

HISTORY
     The OpenBSM implementation was created by McAfee Research, the security division of McAfee Inc., under
     contract to Apple Computer, Inc., in 2004.  It was subsequently adopted by the TrustedBSD Project as
     the foundation for the OpenBSM distribution.

AUTHORS
     This software was created by Robert Watson, Wayne Salamon, and Suresh Krishnaswamy for McAfee Research,
     the security research division of McAfee, Inc., under contract to Apple Computer, Inc.

     The Basic Security Module (BSM) interface to audit records and audit event stream format were defined
     by Sun Microsystems.

BUGS
     The errno variable may not always be properly set in the event of an error.

BSD                                            April 19, 2005                                            BSD

Reporting Problems

The way to report a problem with this manual page depends on the type of problem:

Content errors: Report errors in the content of this documentation with the feedback links below.
Bug reports: Report bugs in the functionality of the described tool or API through Bug Reporter.
Formatting problems: Report formatting mistakes in the online version of these pages with the feedback links below.