64 lines
1.2 KiB
Groff
64 lines
1.2 KiB
Groff
'\"macro stdmacro
|
|
.Op c p a
|
|
.TH satread 2
|
|
.SH NAME
|
|
satread \- read a block of audit record data
|
|
.SH C SYNOPSIS
|
|
.B #include <sys/sat.h>
|
|
.PP
|
|
.nf
|
|
.B int satread (char *buffer, unsigned nbytes)
|
|
.fi
|
|
.SH DESCRIPTION
|
|
.I satread
|
|
attempts to read
|
|
.I nbytes
|
|
bytes from the security audit trail record queue into the buffer pointed to by
|
|
.IR buffer .
|
|
.PP
|
|
.I satread
|
|
destroys the data that has been read.
|
|
A subsequent
|
|
.I satread
|
|
call will read new and different data.
|
|
.SH ERRORS
|
|
.I satread
|
|
will fail if one or more of the following are true:
|
|
.TP 15
|
|
[ENOPKG]
|
|
Audit is not configured on this system.
|
|
.TP 15
|
|
[EPERM]
|
|
The caller doesn't have \fBCAP_AUDIT_CONTROL\fP capability.
|
|
.TP
|
|
[EFAULT]
|
|
data cannot be copied from
|
|
the kernel
|
|
into
|
|
.IR buffer .
|
|
.TP
|
|
[EACCES]
|
|
the caller's process label does not dominate
|
|
.B dbadmin,
|
|
which is to say, it must dominate
|
|
.B MsenAdmin,MintHigh.
|
|
.TP
|
|
[EACCES]
|
|
there is a sat daemon running on the system, and the caller is not that
|
|
daemon.
|
|
.SH "RETURN VALUE"
|
|
A return value of \-1 indicates an error and
|
|
.I errno
|
|
is set to indicate the error.
|
|
Otherwise the number of bytes copied into
|
|
.I buffer
|
|
is returned.
|
|
.SH "SEE ALSO"
|
|
satd(1m),
|
|
satoff(2),
|
|
saton(2),
|
|
satstate(2),
|
|
satwrite(2)
|
|
.SH "ORIGIN"
|
|
Silicon Graphics, Inc.
|