NAME
getauduser — retrieve the accountable user for the current process
SYNOPSIS
#include <sys/audit.h>
int getauduser(char *user, char *stime, size_t usize, size_t
tsize);
DESCRIPTION
getauduser()
retrieves the accountable user for the current process
and saves the information into the buffer pointed to by
user.
It also retrieves the time of authentication
and saves it
into the buffer pointed to by
stime,
if the information is available.
Caller must set
usize
and
tsize
to the size of the
user
and the
stime
buffers.
Note that the two buffers are always null terminated, even if
it results in loss of some data.
Programs using this routine must be compiled with
-lsec.
Security Restrictions
This call requires the user be superuser or possess
SELFAUDIT
privilege.
See
privileges(5)
for details.
RETURN VALUE
getauduser()
returns the following values:
- n
Successful completion.
n
is the length of the retrieved login name, excluding
the null byte. If
n
is less than
usize,
the login name is retrieved without truncation. Otherwise,
usize
-1 bytes of login name are copied into
user,
and
user
is null terminated. The caller needs to retry
getauduser()
with a larger buffer.
- -1
Failure.
errno
is set to indicate the error.
ERRORS
If
getauduser
fails,
errno
is set to one of the following values:
- EPERM
The caller is not a superuser or a privileged process.
- EINVAL
The size of
stime
buffer is smaller than
MAX_TIME_LEN+1.
See
<sys/audit.h>.
- EILSEQ
Unrecognized
audit tag.
EXAMPLES
char user[256], time[MAX_TIME_LEN+1];
int n;
if ((n=getauduser(user, time, sizeof(user), sizeof(time))) == -1) {
non_overflow_errors();
} else if (n >= sizeof(user)) {
overflow_error();
}
AUTHOR
getauduser()
was developed by HP.
The return values and null padding semantics for this system call
are chosen such that a chance for buffer overflows in a C
program is minimized. These semantics were inspired by
snprintf()
of C99 and
strlcpy()
and
strlcat()
as they appeared in
OpenBSD.
Printable version
