man7.org > Linux > man-pages

Linux/UNIX system programming training

audit_log_user_command(3) — Linux manual page

NAME | SYNOPSIS | DESCRIPTION | RETURN VALUE | ERRORS | SEE ALSO | AUTHOR | COLOPHON 

AUDIT_LOG_USER_COMMAND(3)    Linux Audit API    AUDIT_LOG_USER_COMMAND(3)

NAME         top

       audit_log_user_command - log a user command

SYNOPSIS         top

       #include <libaudit.h>

       int audit_log_user_command(int audit_fd, int type, const char
       *command, const char *tty, int result);

DESCRIPTION         top

       This function will log a command to the audit system using a
       predefined message format. It encodes the command as the audit
       system expects for untrusted strings. This function should be used
       by all apps need to record commands. The function parameters are
       as follows:

       audit_fd - The fd returned by audit_open
       type - type of message, ex: AUDIT_USYS_CONFIG, AUDIT_USER_LOGIN
       command - the command being logged
       tty - The tty of the user, if NULL will attempt to figure out
       result - 1 is "success" and 0 is "failed"

RETURN VALUE         top

       It returns the sequence number which is > 0 on success or <= 0 on
       error.

ERRORS         top

       This function returns -1 on failure. Examine errno for more info.

SEE ALSO         top

       audit_log_user_message(3), audit_log_user_comm_message(3),
       audit_log_acct_message(3), audit_log_user_avc_message(3),
       audit_log_semanage_message(3).

AUTHOR         top

       Steve Grubb

COLOPHON         top

       This page is part of the audit (Linux Audit) project.  Information
       about the project can be found at 
       ⟨http://people.redhat.com/sgrubb/audit/⟩.  If you have a bug report
       for this manual page, send it to linux-audit@redhat.com.  This
       page was obtained from the project's upstream Git repository
       ⟨https://github.com/linux-audit/audit-userspace.git⟩ on
       2025-02-02.  (At that time, the date of the most recent commit
       that was found in the repository was 2025-01-31.)  If you discover
       any rendering problems in this HTML version of the page, or you
       believe there is a better or more up-to-date source for the page,
       or you have corrections or improvements to the information in this
       COLOPHON (which is not part of the original manual page), send a
       mail to man-pages@man7.org

Red Hat                          Feb 2007       AUDIT_LOG_USER_COMMAND(3)

HTML rendering created 2025-02-02 by Michael Kerrisk, author of The Linux Programming Interface.

For details of in-depth Linux/UNIX system programming training courses that I teach, look here.

Hosting by jambit GmbH.

Cover of TLPI