AUDIT_OPEN(3) | Linux Audit API | AUDIT_OPEN(3) |
NAME
audit_open - Open a audit netlink socket connection
SYNOPSIS
#include <libaudit.h>
int audit_open(void);
DESCRIPTION
audit_open creates a NETLINK_AUDIT socket for communication with the kernel part of the Linux Audit Subsystem. The audit system uses the ACK feature of netlink. This means that every message to the kernel will return a netlink status packet even if the operation succeeds.
RETURN VALUE
Returns -1 if an error occurs; otherwise, the return value is a descriptor referencing the socket.
ERRORS
The audit_open() function may fail and set errno for any of the errors specified for the socket(2) and fcntl(2) routines.
SEE ALSO
AUTHOR
Steve Grubb
Oct 2006 | Red Hat |