AUDIT_LOG_USER_COMMAND(3) | Linux Audit API | AUDIT_LOG_USER_COMMAND(3) |
NAME
audit_log_user_command - log a user command
SYNOPSIS
#include <libaudit.h>
int audit_log_user_command(int audit_fd, int type, const char *command, const char *tty, int result);
DESCRIPTION
This function will log a command to the audit system using a predefined message format. It encodes the command as the audit system expects for untrusted strings. This function should be used by all apps need to record commands. The function parameters are as follows:
audit_fd - The fd returned by audit_open type - type of message, ex: AUDIT_USYS_CONFIG, AUDIT_USER_LOGIN command - the command being logged tty - The tty of the user, if NULL will attempt to figure out result - 1 is "success" and 0 is "failed"
RETURN VALUE
It returns the sequence number which is > 0 on success or <= 0 on error.
ERRORS
This function returns -1 on failure. Examine errno for more info.
SEE ALSO
audit_log_user_message(3), audit_log_user_comm_message(3), audit_log_acct_message(3), audit_log_user_avc_message(3), audit_log_semanage_message(3).
AUTHOR
Steve Grubb
Feb 2007 | Red Hat |