[apple/system_cmds.git] / auditd.tproj / auditd.h

#ifndef _AUDITD_H_
#define _AUDITD_H_

#include <sys/types.h>
#include <sys/queue.h>
#include <syslog.h>

#define MAX_DIR_SIZE 255
#define AUDITD_NAME    "auditd"

#define POSTFIX_LEN		16
#define NOT_TERMINATED	".not_terminated" 

struct dir_ent {
	char *dirname;
	char softlim;
	TAILQ_ENTRY(dir_ent) dirs;
};

/* audit utility flags */
#define OPEN_NEW		0x1
#define READ_FILE		0x2
#define CLOSE_AND_DIE 	0x4

#define HARDLIM_ALL_WARN        "allhard"
#define SOFTLIM_ALL_WARN        "allsoft"
#define AUDITOFF_WARN           "aditoff"
#define EBUSY_WARN              "ebusy"
#define GETACDIR_WARN           "getacdir"
#define HARDLIM_WARN            "hard"
#define NOSTART_WARN            "nostart"
#define POSTSIGTERM_WARN        "postsigterm"
#define SOFTLIM_WARN            "soft"
#define TMPFILE_WARN            "tmpfile"

#define AUDITWARN_SCRIPT        "/etc/security/audit_warn"
#define AUDITD_PIDFILE		"/var/run/auditd.pid"

int audit_warn_allhard(int count);
int audit_warn_allsoft();
int audit_warn_auditoff();
int audit_warn_ebusy();
int audit_warn_getacdir(char *filename);
int audit_warn_hard(char *filename);
int audit_warn_nostart();
int audit_warn_postsigterm();
int audit_warn_soft(char *filename);
int audit_warn_tmpfile();

#endif /* !_AUDITD_H_ */
Commit	Line	Data
2fc1e207 A	1	#ifndef _AUDITD_H_
	2	#define _AUDITD_H_
	3
	4	#include <sys/types.h>
	5	#include <sys/queue.h>
	6	#include <syslog.h>
	7
	8	#define MAX_DIR_SIZE 255
	9	#define AUDITD_NAME "auditd"
	10
	11	#define POSTFIX_LEN 16
	12	#define NOT_TERMINATED ".not_terminated"
	13
	14	struct dir_ent {
	15	char *dirname;
	16	char softlim;
	17	TAILQ_ENTRY(dir_ent) dirs;
	18	};
	19
	20	/* audit utility flags */
	21	#define OPEN_NEW 0x1
	22	#define READ_FILE 0x2
	23	#define CLOSE_AND_DIE 0x4
	24
	25	#define HARDLIM_ALL_WARN "allhard"
	26	#define SOFTLIM_ALL_WARN "allsoft"
	27	#define AUDITOFF_WARN "aditoff"
	28	#define EBUSY_WARN "ebusy"
	29	#define GETACDIR_WARN "getacdir"
	30	#define HARDLIM_WARN "hard"
	31	#define NOSTART_WARN "nostart"
	32	#define POSTSIGTERM_WARN "postsigterm"
	33	#define SOFTLIM_WARN "soft"
	34	#define TMPFILE_WARN "tmpfile"
	35
	36	#define AUDITWARN_SCRIPT "/etc/security/audit_warn"
	37	#define AUDITD_PIDFILE "/var/run/auditd.pid"
	38
	39	int audit_warn_allhard(int count);
	40	int audit_warn_allsoft();
	41	int audit_warn_auditoff();
	42	int audit_warn_ebusy();
	43	int audit_warn_getacdir(char *filename);
	44	int audit_warn_hard(char *filename);
	45	int audit_warn_nostart();
	46	int audit_warn_postsigterm();
	47	int audit_warn_soft(char *filename);
	48	int audit_warn_tmpfile();
	49
	50	#endif /* !_AUDITD_H_ */
	51