BSM question...

Post by gregfis.. » Tue, 19 Sep 2000 04:00:00



Hello all,

I am trying to audit when a user is created/modified/deleted from the
system.

The /etc/security/audit_event lists AUE_create_user, AUE_modify_user,
and AUE_delete_user as user level audits.  I, however, cannot seem to
trigger these audits using either admintool or useradd/userdel.

A snippet from audit_control:

flags:lo,ad,na
naflags:lo,ad,na

A snippet from audit_user:

root:lo,ad
other:lo,ad

I can audit nearly any other event, kernel or user level.

Do admintool and/or useradd/userdel generate audits? If not, is there a
tool for managing users that does?

I would "assume" that Sun's own tools would generate audits.

Any suggestions would be appreciated.

Thanx in advance,

Greg


 
 
 

BSM question...

Post by gregfis.. » Tue, 19 Sep 2000 04:00:00


Oh, BTW, this is Solaris 2.6 and I have rebooted.

Greg



> Hello all,

> I am trying to audit when a user is created/modified/deleted from the
> system.

> The /etc/security/audit_event lists AUE_create_user, AUE_modify_user,
> and AUE_delete_user
> as user level audits.  I, however, can not seem to trigger these audits
> using either admintool
> or useradd/userdel.  a snippet from audit_control

> flags:lo,ad,na
> naflags:lo,ad,na

> a snippet from audit_user

> root:lo,ad
> other:lo,ad

> I can audit nearly any other event, kernel or user level.

> Do admintool and/or useradd/userdel generate audits? if not, is there a
> tool for managing users that does?

> I would "assume" that Sun's own tools would generate audits.

> Any suggestions would be appreciated.

> Thanx in advance,

> Greg


 
 
 

1. BSM question

Hi,

I am currently experimenting with BSM on a Solaris workstation, and more
precisely, I am trying to write a program to manipulate a BSM audit
file (it can be seen as a "praudit"-like program).

Therefore, I am looking for functions which read a BSM file and fill
some BSM structures defined in the header file "bsm_record.h".

In the header file "libbsm.h" installed on my machine (a Sun SPARC with
Solaris 2.7), one can find:

|
|   .......
|
| /*
|  * Functions that do I/O for audit files
|  */
|
| #ifdef  __STDC__
| extern int      au_close(int, int, short);
| extern int      au_open(void);
| extern int      au_write(int, token_t *);
| extern int      au_read_rec(FILE *, char **);
| extern int      au_fetch_tok(au_token_t *, char *, int);
| extern int      au_print_tok(FILE *, au_token_t *, char *, char *, char *, int);
|

The first three functions ("au_close", "au_open", "au_write") are
documented in the man pages, but do not correspond to my needs.

On the other hand, I cannot find any information about the three others,
and I have the feeling they correspond to what I am looking for
(especially "au_read_rec" and "au_fetch_tok").

I have tried to "discover" what is done by these functions by
implementing a short program which used these functions. When compiling
this program, the linker produces an "undefined symbol" error. Indeed,
executing "nm" on "libbsm.a" shows that there is no symbol corresponding
to these functions.

Can anybody here give me some more information about these functions?
Are they really implemented?

If I'm in the wrong way, can you give me some references to the
well-suited documentation?

Thanks in advance

--
jpp
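
A bounds-checked record framer for the kind of "praudit"-like reader the post above describes, as an added example that is not part of the original post and does not use the libbsm functions it asks about. The header and trailer token layout given in the comment is an assumption about the BSM record format; bsm_frame, struct bsm_rec and the sample bytes are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Assumed layout (big-endian), not taken from the post:
 * header32: id 0x14, u32 len, u8 version, u16 event, u16 modifier, u32 sec, u32 msec
 * trailer:  id 0x13, u16 magic 0xB105, u32 len (same record length as the header) */
#define TOK_HEADER32  0x14
#define TOK_TRAILER   0x13
#define TRAILER_MAGIC 0xB105
#define HDR32_LEN     18
#define TRAILER_LEN   7

struct bsm_rec { uint32_t len; uint8_t version; uint16_t event; uint32_t sec; };
static uint16_t be16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }
static uint32_t be32(const uint8_t *p) { return ((uint32_t)be16(p) << 16) | be16(p + 2); }

/* Frame the record starting at buf[0]. Returns its length, or -1 when the
 * bytes are truncated or header and trailer disagree; never reads past avail. */
long bsm_frame(const uint8_t *buf, size_t avail, struct bsm_rec *out)
{
    if (avail < HDR32_LEN + TRAILER_LEN || buf[0] != TOK_HEADER32)
        return -1;
    uint32_t len = be32(buf + 1);
    if (len < HDR32_LEN + TRAILER_LEN || len > avail)
        return -1;                      /* length field is untrusted input */
    const uint8_t *tr = buf + len - TRAILER_LEN;
    if (tr[0] != TOK_TRAILER || be16(tr + 1) != TRAILER_MAGIC || be32(tr + 3) != len)
        return -1;
    out->len = len;
    out->version = buf[5];
    out->event = be16(buf + 6);
    out->sec = be32(buf + 10);
    return (long)len;
}

/* Constructed sample record: event 0x1234 and the 6 body bytes are made up. */
const uint8_t sample[] = {
    0x14, 0, 0, 0, 31, 2, 0x12, 0x34, 0, 0, 0x39, 0xC6, 0x7E, 0x40, 0, 0, 0, 0,
    0x28, 0x00, 0x03, 'h', 'i', 0x00,
    0x13, 0xB1, 0x05, 0, 0, 0, 31
};

int main(void)
{
    struct bsm_rec r;
    if (bsm_frame(sample, sizeof sample, &r) > 0)
        printf("len=%u event=0x%04x\n", (unsigned)r.len, (unsigned)r.event);
    return 0;
}
```

Calling bsm_frame repeatedly, advancing by the returned length, walks a buffer record by record; a -1 marks the point where the data stops being trustworthy.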
