AUDIT_LOG_USER_COMMAND(3) | Linux Audit API | AUDIT_LOG_USER_COMMAND(3) |
audit_log_user_command - log a user command
#include <libaudit.h>
int audit_log_user_command(int audit_fd, int type, const char *command, const char *tty, int result);
This function will log a command to the audit system using a predefined message format. It encodes the command as the audit system expects for untrusted strings. This function should be used by all apps need to record commands. The function parameters are as follows:
audit_fd - The fd returned by audit_open type - type of message, ex: AUDIT_USYS_CONFIG, AUDIT_USER_LOGIN command - the command being logged tty - The tty of the user, if NULL will attempt to figure out result - 1 is "success" and 0 is "failed"
It returns the sequence number which is > 0 on success or <= 0 on error.
This function returns -1 on failure. Examine errno for more info.
audit_log_user_message(3), audit_log_user_comm_message(3), audit_log_acct_message(3), audit_log_user_avc_message(3), audit_log_semanage_message(3).
Steve Grubb
Feb 2007 | Red Hat |