Man page - audit_log_user_comm_message(3)

Packages contains this manual

Package:  libaudit-dev
apt-get install libaudit-dev

Manuals in package:
• audit_close(3)
• audit_log_user_avc_message(3)
• audit_syscall_to_name(3)
• audit_set_enabled(3)
• audit_log_acct_message(3)
• audit_request_signal_info(3)
• audit_name_to_syscall(3)
• set_aumessage_mode(3)
• audit_getloginuid(3)
• audit_get_reply(3)
• audit_log_user_comm_message(3)
• audit_setloginuid(3)
• audit_delete_rule_data(3)
• audit_name_to_flag(3)
• audit_name_to_action(3)
• audit_encode_nv_string(3)
• audit_log_user_command(3)
• audit_fstype_to_name(3)
• audit_get_session(3)
• audit_set_failure(3)
• audit_encode_value(3)
• audit_name_to_errno(3)
• audit_detect_machine(3)
• audit_log_user_message(3)
• audit_set_backlog_limit(3)
• audit_flag_to_name(3)
• audit_is_enabled(3)
• audit_update_watch_perms(3)
• audit_name_to_fstype(3)
• audit_request_rules_list_data(3)
• get_auditfail_action(3)
• audit_request_status(3)
• audit_set_pid(3)
• audit_set_rate_limit(3)
• audit_log_semanage_message(3)
• audit_add_rule_data(3)
• audit_open(3)
• audit_value_needs_encoding(3)
• audit_set_backlog_wait_time(3)
• audit_add_watch(3)
Documentations in package:
• libaudit-dev

Manual

AUDIT_LOG_USER_COMM_MESSAGE

NAME
SYNOPSIS
DESCRIPTION
RETURN VALUE
ERRORS
SEE ALSO
AUTHOR

---

NAME

audit_log_user_comm_message - log a user message from a console app

SYNOPSIS

#include <libaudit.h>

int audit_log_user_comm_message(int audit_fd, int type, const char *message, const char *comm, const char *hostname, const char *addr, const char *tty, int result)

DESCRIPTION

This function will log a message to the audit system using a predefined message format. This function should be used by all non-ELF console apps that do not manipulate accounts, groups, or need to log execution of a script. An example would be a Python script recording an event. The function parameters are as follows:

audit_fd - The fd returned by audit_open
type - type of message, ex: AUDIT_USYS_CONFIG, AUDIT_USER_LOGIN
message - the message text being sent
comm - the program command line name, NULL if unknown
hostname - the hostname if known, NULL if unknown
addr - The network address of the user, NULL if unknown
tty - The tty of the user, if NULL will attempt to figure out
result - 1 is "success" and 0 is "failed"

RETURN VALUE

It returns the sequence number which is > 0 on success or <= 0 on error.

ERRORS

This function returns -1 on failure. Examine errno for more info.

SEE ALSO

audit_log_user_message (3), audit_log_acct_message (3), audit_log_user_avc_message (3), audit_log_semanage_message (3).

AUTHOR

Steve Grubb

---