Writes an audit record.
Security Library (libc.a)
The auditwrite subroutine builds the tail of an audit record and then writes it with the auditlog subroutine. The tail is built by gathering the specified buffers. The last buffer pointer must be a null.
If the auditwrite subroutine is to be called from a program invoked from the inittab file, the setpcred subroutine should be called first to establish the process' credentials.
Item | Description |
---|---|
Event | Specifies the name of the event to be logged. |
Result | Specifies the audit status of the event. Valid values are defined in the sys/audit.h file and are listed in the auditlog subroutine. |
Buffer1, Buffer2 | Specifies the character buffers containing audit tail information. Note that numerical values must be passed by reference. The correct size can be computed with the sizeof C function. |
Length1, Length2 | Specifies the lengths of the corresponding buffers. |
If the auditwrite subroutine completes successfully, a value of 0 is returned. Otherwise, a value of -1 is returned and the errno global variable is set to indicate the error.
The auditwrite subroutine fails if the following is true:
Item | Description |
---|---|
ENOSPC | The auditwrite subroutine is unable to allocate space for the tail buffer. |
Other error codes are returned by the auditlog subroutine.