dce_aud_start_with_uuid(3sec)Determines whether a specified event should be audited given the client/server UUID and the event outcome. Used by client/server applications which already know the UUIDs of their clients and wish to avoid the overhead of the audit library acquiring them Synopsis
#include <dce/audit.h> Parameters Input
event
server_uuid
client_uuid
realm_uuid
address
options It can also be used to specify any of two options: to always log an audit record (aud_c_evt_always_log) or to always send an alarm message to the standard output (aud_c_evt_always_alarm). If any of these two options is selected, the filter is bypassed. The value of the options parameter is the bitwise OR of any selected combination of the following option values:
The event outcome to be stored in the header. The following event outcome values are defined:
ard
status
Description The dce_aud_start_with_uuid( ) function is designed to be used by RPC applications that know their client's identity in UUID form. Otherwise, RPC applications should use dce_aud_start( ). Non-RPC applications that use the DCE authorization model should use dce_aud_start_with_pac( ). The dce_aud_start_with_name( ) function should be used by Non-RPC applications that do not use the DCE authorization model. This function records the input identity parameters in the newly-created audit record descriptor. Event-specific information can be added to the record by using the dce_aud_put_ev_info( ) function, which can be called multiple times after calling any of the dce_aud_start_* and before calling dce_aud_commit( ). A completed audit record can either be appended to an audit trail file or sent to the Audit daemon by calling dce_aud_commit( ). This function searches for all relevant filters (for the specified subject and outcome, if these are specified), summarizes the actions for each possible event outcome, and records an outcome-action table with ard. If the outcome is specified when calling this function and the outcome does not require any action according to filters, then this function returns a NULL ard. If the outcome is not specified in the dce_aud_start_with_uuid( ) call, dce_aud_start_with_uuid( ) returns a NULL ard if no action is required for all possible outcomes. The caller should not change the outcome between the dce_aud_start_with_uuid( ) and dce_aud_commit( ) calls arbitrarily. In this case, the outcome can be made more specific, for example, from aud_c_esl_cond_unknown to aud_c_esl_cond_success or from aud_c_esl_cond_pending to aud_c_esl_cond_success. An outcome change from aud_c_esl_cond_success to aud_c_esl_cond_denial is not logically correct because the outcome aud_c_esl_cond_success may have caused a NULL ard to be returned in this function. If the final outcome can be aud_c_esl_cond_success, then it should be specified in this function, or use aud_c_esl_cond_unknown. This function can be called with the outcome parameter taking a value of zero or the union (logical OR) of selected values from the set of constants aud_c_esl_cond_success, aud_c_esl_cond_failure, aud_c_esl_cond_denial, and aud_c_esl_cond_pending. The outcome parameter used in the dce_aud_commit( ) function should take one value from the same set of constants. If dce_aud_start_with_uuid( ) used a non-zero value for outcome, then the constant used for outcome in the dce_aud_commit( ) call should have been selected in the dce_aud_start_with_uuid( ) call.
Return Values Errors The following describes a partial list of errors that might be returned. Refer to the OSF DCE Problem Determination Guide for complete descriptions of all error messages.
aud_s_ok Status codes passed from dce_aud_start_with_pac( ).
Related Information dce_aud_start_with_server_binding(3sec)
|