auditd.tproj/auditd.h

   1 #ifndef _AUDITD_H_
   2 #define _AUDITD_H_
   3
   4 #include <sys/types.h>
   5 #include <sys/queue.h>
   6 #include <syslog.h>
   7
   8 #define MAX_DIR_SIZE 255
   9 #define AUDITD_NAME    "auditd"
  10
  11 #define POSTFIX_LEN             16
  12 #define NOT_TERMINATED  ".not_terminated"
  13
  14 struct dir_ent {
  15         char *dirname;
  16         char softlim;
  17         TAILQ_ENTRY(dir_ent) dirs;
  18 };
  19
  20 /* audit utility flags */
  21 #define OPEN_NEW                0x1
  22 #define READ_FILE               0x2
  23 #define CLOSE_AND_DIE   0x4
  24
  25 #define HARDLIM_ALL_WARN        "allhard"
  26 #define SOFTLIM_ALL_WARN        "allsoft"
  27 #define AUDITOFF_WARN           "aditoff"
  28 #define EBUSY_WARN              "ebusy"
  29 #define GETACDIR_WARN           "getacdir"
  30 #define HARDLIM_WARN            "hard"
  31 #define NOSTART_WARN            "nostart"
  32 #define POSTSIGTERM_WARN        "postsigterm"
  33 #define SOFTLIM_WARN            "soft"
  34 #define TMPFILE_WARN            "tmpfile"
  35
  36 #define AUDITWARN_SCRIPT        "/etc/security/audit_warn"
  37 #define AUDITD_PIDFILE          "/var/run/auditd.pid"
  38
  39 int audit_warn_allhard(int count);
  40 int audit_warn_allsoft();
  41 int audit_warn_auditoff();
  42 int audit_warn_ebusy();
  43 int audit_warn_getacdir(char *filename);
  44 int audit_warn_hard(char *filename);
  45 int audit_warn_nostart();
  46 int audit_warn_postsigterm();
  47 int audit_warn_soft(char *filename);
  48 int audit_warn_tmpfile();
  49
  50 #endif /* !_AUDITD_H_ */
  51