getaudproc(2) [hpux man page]

getaudproc(2)							System Calls Manual						     getaudproc(2)

NAME

       getaudproc()  - get the audit process flag for the calling process

SYNOPSIS

DESCRIPTION

       returns	the  audit process flag for the calling process.  The audit process flag (u_audproc) determines whether the process run by a given
       user should be audited.	The process is audited if the returned flag is 1.  If the returned flag is 0, the process is  not  audited.   This
       call is restricted to users with the privilege.

   Security Restrictions
       Some  or  all of the actions associated with this system call require the privilege.  Processes owned by the superuser have this privilege.
       Processes owned by other users may have this privilege, depending on system configuration.  See privileges(5) for  more	information  about
       privileged access on systems that support fine-grained privileges.

RETURN VALUE

       Upon successful completion, the audit process flag is returned; otherwise, a is returned and is set to indicate the error.

ERRORS

       fails if the following is true:

       The caller does not have the
		      privilege.

AUTHOR

       was developed by HP.

SEE ALSO

       setaudproc(2), privileges(5).

																     getaudproc(2)

audwrite(2)							System Calls Manual						       audwrite(2)

NAME

       audwrite() - write an audit record for a self-auditing process

SYNOPSIS

DESCRIPTION

       is  called  by  self-auditing processes, which are capable of turning off the regular auditing using the system call (see audswitch(2)) and
       doing higher-level auditing on their own.  is restricted to users with the privilege.

       checks to see if the auditing system is on and the calling process and the event specified are being audited.  If these conditions are met,
       writes  the  audit  record  pointed to by audrec_p into the audit trail.  The record consists of an audit record body and a header with the
       following fields:

	      /* Date/time (tv_sec of timeval) */
	      /* Process ID */
	      /* Success/failure */
	      /* Event being audited */
	      /* Length of variant part */

       The body contains additional information about the high-level audit event.  The header fields and are specified	by  the  calling  process.
       fills  in  and fields with the correct values.  this is done to reduce the risk of forgery.  Beginning with 11i version 3 release, converts
       the record into a different format before writing it into the current audit trail.

   Security Restrictions
       Some or all of the actions associated with this system call require the privilege.  Processes owned by the superuser have  this	privilege.
       Processes  owned  by  other users may have this privilege, depending on system configuration.  See privileges(5) for more information about
       privileged access on systems that support fine-grained privileges.

RETURN VALUE

       If the write is successful, a value of is returned.  Otherwise, a value of is returned and is set to indicate the reason for the failure.

ERRORS

       fails if one of the following is true:

	      The caller does not possess the
			     privilege.

	      The event number in the audit record is invalid.

WARNINGS

       If causes a file space overflow, the calling process might be suspended until the file space is cleaned up.  However, a returned call  with
       the return value of indicates that the audit record has been successfully written.

AUTHOR

       was developed by HP.

SEE ALSO

       audswitch(2), audit(4), privileges(5).

																       audwrite(2)