1*7c478bd9Sstevel@tonic-gate /* 2*7c478bd9Sstevel@tonic-gate * CDDL HEADER START 3*7c478bd9Sstevel@tonic-gate * 4*7c478bd9Sstevel@tonic-gate * The contents of this file are subject to the terms of the 5*7c478bd9Sstevel@tonic-gate * Common Development and Distribution License, Version 1.0 only 6*7c478bd9Sstevel@tonic-gate * (the "License"). You may not use this file except in compliance 7*7c478bd9Sstevel@tonic-gate * with the License. 8*7c478bd9Sstevel@tonic-gate * 9*7c478bd9Sstevel@tonic-gate * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 10*7c478bd9Sstevel@tonic-gate * or http://www.opensolaris.org/os/licensing. 11*7c478bd9Sstevel@tonic-gate * See the License for the specific language governing permissions 12*7c478bd9Sstevel@tonic-gate * and limitations under the License. 13*7c478bd9Sstevel@tonic-gate * 14*7c478bd9Sstevel@tonic-gate * When distributing Covered Code, include this CDDL HEADER in each 15*7c478bd9Sstevel@tonic-gate * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 16*7c478bd9Sstevel@tonic-gate * If applicable, add the following below this CDDL HEADER, with the 17*7c478bd9Sstevel@tonic-gate * fields enclosed by brackets "[]" replaced with your own identifying 18*7c478bd9Sstevel@tonic-gate * information: Portions Copyright [yyyy] [name of copyright owner] 19*7c478bd9Sstevel@tonic-gate * 20*7c478bd9Sstevel@tonic-gate * CDDL HEADER END 21*7c478bd9Sstevel@tonic-gate */ 22*7c478bd9Sstevel@tonic-gate /* 23*7c478bd9Sstevel@tonic-gate * Copyright 2004 Sun Microsystems, Inc. All rights reserved. 24*7c478bd9Sstevel@tonic-gate * Use is subject to license terms. 25*7c478bd9Sstevel@tonic-gate */ 26*7c478bd9Sstevel@tonic-gate 27*7c478bd9Sstevel@tonic-gate #ifndef _BSM_LIBBSM_H 28*7c478bd9Sstevel@tonic-gate #define _BSM_LIBBSM_H 29*7c478bd9Sstevel@tonic-gate 30*7c478bd9Sstevel@tonic-gate #pragma ident "%Z%%M% %I% %E% SMI" 31*7c478bd9Sstevel@tonic-gate 32*7c478bd9Sstevel@tonic-gate #include <secdb.h> 33*7c478bd9Sstevel@tonic-gate #include <stdio.h> 34*7c478bd9Sstevel@tonic-gate #include <errno.h> 35*7c478bd9Sstevel@tonic-gate #include <sys/types.h> 36*7c478bd9Sstevel@tonic-gate #include <bsm/audit.h> 37*7c478bd9Sstevel@tonic-gate #include <bsm/audit_record.h> 38*7c478bd9Sstevel@tonic-gate 39*7c478bd9Sstevel@tonic-gate #ifdef __cplusplus 40*7c478bd9Sstevel@tonic-gate extern "C" { 41*7c478bd9Sstevel@tonic-gate #endif 42*7c478bd9Sstevel@tonic-gate 43*7c478bd9Sstevel@tonic-gate #ifndef TEXT_DOMAIN 44*7c478bd9Sstevel@tonic-gate #define TEXT_DOMAIN "SUNW_OST_OSLIB" 45*7c478bd9Sstevel@tonic-gate #endif 46*7c478bd9Sstevel@tonic-gate 47*7c478bd9Sstevel@tonic-gate extern const char *bsm_dom; 48*7c478bd9Sstevel@tonic-gate 49*7c478bd9Sstevel@tonic-gate /* 50*7c478bd9Sstevel@tonic-gate * For audit_event(5) 51*7c478bd9Sstevel@tonic-gate */ 52*7c478bd9Sstevel@tonic-gate struct au_event_ent { 53*7c478bd9Sstevel@tonic-gate au_event_t ae_number; 54*7c478bd9Sstevel@tonic-gate char *ae_name; 55*7c478bd9Sstevel@tonic-gate char *ae_desc; 56*7c478bd9Sstevel@tonic-gate au_class_t ae_class; 57*7c478bd9Sstevel@tonic-gate }; 58*7c478bd9Sstevel@tonic-gate typedef struct au_event_ent au_event_ent_t; 59*7c478bd9Sstevel@tonic-gate 60*7c478bd9Sstevel@tonic-gate /* 61*7c478bd9Sstevel@tonic-gate * For audit_class(5) 62*7c478bd9Sstevel@tonic-gate */ 63*7c478bd9Sstevel@tonic-gate struct au_class_ent { 64*7c478bd9Sstevel@tonic-gate char *ac_name; 65*7c478bd9Sstevel@tonic-gate au_class_t ac_class; 66*7c478bd9Sstevel@tonic-gate char *ac_desc; 67*7c478bd9Sstevel@tonic-gate }; 68*7c478bd9Sstevel@tonic-gate typedef struct au_class_ent au_class_ent_t; 69*7c478bd9Sstevel@tonic-gate 70*7c478bd9Sstevel@tonic-gate /* 71*7c478bd9Sstevel@tonic-gate * For audit_user(5) 72*7c478bd9Sstevel@tonic-gate */ 73*7c478bd9Sstevel@tonic-gate struct au_user_ent { 74*7c478bd9Sstevel@tonic-gate char *au_name; 75*7c478bd9Sstevel@tonic-gate au_mask_t au_always; 76*7c478bd9Sstevel@tonic-gate au_mask_t au_never; 77*7c478bd9Sstevel@tonic-gate }; 78*7c478bd9Sstevel@tonic-gate typedef struct au_user_ent au_user_ent_t; 79*7c478bd9Sstevel@tonic-gate 80*7c478bd9Sstevel@tonic-gate /* 81*7c478bd9Sstevel@tonic-gate * Internal representation of audit user in libnsl 82*7c478bd9Sstevel@tonic-gate */ 83*7c478bd9Sstevel@tonic-gate typedef struct au_user_str_s { 84*7c478bd9Sstevel@tonic-gate char *au_name; 85*7c478bd9Sstevel@tonic-gate char *au_always; 86*7c478bd9Sstevel@tonic-gate char *au_never; 87*7c478bd9Sstevel@tonic-gate } au_user_str_t; 88*7c478bd9Sstevel@tonic-gate 89*7c478bd9Sstevel@tonic-gate /* 90*7c478bd9Sstevel@tonic-gate * opaque context value for getacval.c 91*7c478bd9Sstevel@tonic-gate */ 92*7c478bd9Sstevel@tonic-gate typedef struct au_acinfo au_acinfo_t; 93*7c478bd9Sstevel@tonic-gate 94*7c478bd9Sstevel@tonic-gate /* 95*7c478bd9Sstevel@tonic-gate * adrf's version of adr_t 96*7c478bd9Sstevel@tonic-gate */ 97*7c478bd9Sstevel@tonic-gate typedef struct adrf_s { 98*7c478bd9Sstevel@tonic-gate adr_t *adrf_adr; 99*7c478bd9Sstevel@tonic-gate FILE *adrf_fp; 100*7c478bd9Sstevel@tonic-gate } adrf_t; 101*7c478bd9Sstevel@tonic-gate 102*7c478bd9Sstevel@tonic-gate /* 103*7c478bd9Sstevel@tonic-gate * Functions that manipulate bytes from an audit file 104*7c478bd9Sstevel@tonic-gate */ 105*7c478bd9Sstevel@tonic-gate 106*7c478bd9Sstevel@tonic-gate extern void adr_char(adr_t *, char *, int); 107*7c478bd9Sstevel@tonic-gate extern int adr_count(adr_t *); 108*7c478bd9Sstevel@tonic-gate extern void adr_int32(adr_t *, int32_t *, int); 109*7c478bd9Sstevel@tonic-gate extern void adr_int64(adr_t *, int64_t *, int); 110*7c478bd9Sstevel@tonic-gate extern void adr_short(adr_t *, short *, int); 111*7c478bd9Sstevel@tonic-gate extern void adr_start(adr_t *, char *); 112*7c478bd9Sstevel@tonic-gate 113*7c478bd9Sstevel@tonic-gate extern int adrf_char(adrf_t *, char *, int); 114*7c478bd9Sstevel@tonic-gate extern int adrf_int32(adrf_t *, int32_t *, int); 115*7c478bd9Sstevel@tonic-gate extern int adrf_int64(adrf_t *, int64_t *, int); 116*7c478bd9Sstevel@tonic-gate extern int adrf_short(adrf_t *, short *, int); 117*7c478bd9Sstevel@tonic-gate extern void adrf_start(adrf_t *, adr_t *, FILE *); 118*7c478bd9Sstevel@tonic-gate extern int adrf_u_char(adrf_t *, uchar_t *, int); 119*7c478bd9Sstevel@tonic-gate extern int adrf_u_int32(adrf_t *, uint32_t *, int); 120*7c478bd9Sstevel@tonic-gate extern int adrf_u_int64(adrf_t *, uint64_t *, int); 121*7c478bd9Sstevel@tonic-gate extern int adrf_u_short(adrf_t *, ushort_t *, int); 122*7c478bd9Sstevel@tonic-gate 123*7c478bd9Sstevel@tonic-gate /* 124*7c478bd9Sstevel@tonic-gate * Functions that manipulate bytes from an audit character stream. 125*7c478bd9Sstevel@tonic-gate */ 126*7c478bd9Sstevel@tonic-gate 127*7c478bd9Sstevel@tonic-gate extern void adrm_start(adr_t *, char *); 128*7c478bd9Sstevel@tonic-gate extern void adrm_char(adr_t *, char *, int); 129*7c478bd9Sstevel@tonic-gate extern void adrm_short(adr_t *, short *, int); 130*7c478bd9Sstevel@tonic-gate extern void adrm_int64(adr_t *, int64_t *, int); 131*7c478bd9Sstevel@tonic-gate extern void adrm_int32(adr_t *, int32_t *, int); 132*7c478bd9Sstevel@tonic-gate extern void adrm_u_int32(adr_t *, uint32_t *, int); 133*7c478bd9Sstevel@tonic-gate extern void adrm_u_char(adr_t *, uchar_t *, int); 134*7c478bd9Sstevel@tonic-gate extern void adrm_u_int64(adr_t *, uint64_t *, int); 135*7c478bd9Sstevel@tonic-gate extern void adrm_u_short(adr_t *, ushort_t *, int); 136*7c478bd9Sstevel@tonic-gate extern void adrm_putint32(adr_t *, int32_t *, int); 137*7c478bd9Sstevel@tonic-gate 138*7c478bd9Sstevel@tonic-gate /* 139*7c478bd9Sstevel@tonic-gate * Functions that do I/O for audit files 140*7c478bd9Sstevel@tonic-gate */ 141*7c478bd9Sstevel@tonic-gate 142*7c478bd9Sstevel@tonic-gate extern int au_close(int, int, short); 143*7c478bd9Sstevel@tonic-gate extern int au_open(void); 144*7c478bd9Sstevel@tonic-gate extern int au_write(int, token_t *); 145*7c478bd9Sstevel@tonic-gate extern int au_read_rec(FILE *, char **); 146*7c478bd9Sstevel@tonic-gate extern int au_fetch_tok(au_token_t *, char *, int); 147*7c478bd9Sstevel@tonic-gate extern int au_print_tok(FILE *, au_token_t *, char *, char *, char *, int); 148*7c478bd9Sstevel@tonic-gate 149*7c478bd9Sstevel@tonic-gate /* 150*7c478bd9Sstevel@tonic-gate * Functions than manipulate audit events 151*7c478bd9Sstevel@tonic-gate */ 152*7c478bd9Sstevel@tonic-gate 153*7c478bd9Sstevel@tonic-gate extern void setauevent(void); 154*7c478bd9Sstevel@tonic-gate extern void endauevent(void); 155*7c478bd9Sstevel@tonic-gate extern int setaueventfile(char *); 156*7c478bd9Sstevel@tonic-gate 157*7c478bd9Sstevel@tonic-gate extern au_event_ent_t *getauevent(void); 158*7c478bd9Sstevel@tonic-gate extern au_event_ent_t *getauevent_r(au_event_ent_t *); 159*7c478bd9Sstevel@tonic-gate extern au_event_ent_t *getauevnam(char *); 160*7c478bd9Sstevel@tonic-gate extern au_event_ent_t *getauevnam_r(au_event_ent_t *, char *); 161*7c478bd9Sstevel@tonic-gate extern au_event_ent_t *getauevnum(au_event_t); 162*7c478bd9Sstevel@tonic-gate extern au_event_ent_t *getauevnum_r(au_event_ent_t *, au_event_t); 163*7c478bd9Sstevel@tonic-gate extern au_event_t getauevnonam(char *); 164*7c478bd9Sstevel@tonic-gate extern int au_preselect(au_event_t, au_mask_t *, int, int); 165*7c478bd9Sstevel@tonic-gate extern int cacheauevent(au_event_ent_t **, au_event_t); 166*7c478bd9Sstevel@tonic-gate 167*7c478bd9Sstevel@tonic-gate /* 168*7c478bd9Sstevel@tonic-gate * Functions that manipulate audit classes 169*7c478bd9Sstevel@tonic-gate */ 170*7c478bd9Sstevel@tonic-gate 171*7c478bd9Sstevel@tonic-gate extern void setauclass(void); 172*7c478bd9Sstevel@tonic-gate extern void endauclass(void); 173*7c478bd9Sstevel@tonic-gate extern int setauclassfile(char *); 174*7c478bd9Sstevel@tonic-gate 175*7c478bd9Sstevel@tonic-gate extern int cacheauclass(au_class_ent_t **, au_class_t); 176*7c478bd9Sstevel@tonic-gate extern int cacheauclassnam(au_class_ent_t **, char *); 177*7c478bd9Sstevel@tonic-gate extern au_class_ent_t *getauclassent(void); 178*7c478bd9Sstevel@tonic-gate extern au_class_ent_t *getauclassent_r(au_class_ent_t *); 179*7c478bd9Sstevel@tonic-gate extern au_class_ent_t *getauclassnam(char *); 180*7c478bd9Sstevel@tonic-gate extern au_class_ent_t *getauclassnam_r(au_class_ent_t *, char *); 181*7c478bd9Sstevel@tonic-gate 182*7c478bd9Sstevel@tonic-gate /* 183*7c478bd9Sstevel@tonic-gate * Functions that manipulate audit attributes of users 184*7c478bd9Sstevel@tonic-gate */ 185*7c478bd9Sstevel@tonic-gate 186*7c478bd9Sstevel@tonic-gate void setauuser(void); 187*7c478bd9Sstevel@tonic-gate void endauuser(void); 188*7c478bd9Sstevel@tonic-gate int setauuserfile(char *); 189*7c478bd9Sstevel@tonic-gate 190*7c478bd9Sstevel@tonic-gate au_user_ent_t *getauuserent(void); 191*7c478bd9Sstevel@tonic-gate au_user_ent_t *getauuserent_r(au_user_ent_t *); 192*7c478bd9Sstevel@tonic-gate au_user_ent_t *getauusernam(char *); 193*7c478bd9Sstevel@tonic-gate au_user_ent_t *getauusernam_r(au_user_ent_t *, char *); 194*7c478bd9Sstevel@tonic-gate 195*7c478bd9Sstevel@tonic-gate /* 196*7c478bd9Sstevel@tonic-gate * Functions that manipulate the audit control file 197*7c478bd9Sstevel@tonic-gate */ 198*7c478bd9Sstevel@tonic-gate 199*7c478bd9Sstevel@tonic-gate void endac(void); 200*7c478bd9Sstevel@tonic-gate void setac(void); 201*7c478bd9Sstevel@tonic-gate int testac(void); 202*7c478bd9Sstevel@tonic-gate 203*7c478bd9Sstevel@tonic-gate int getacdir(char *, int); 204*7c478bd9Sstevel@tonic-gate int getacmin(int *); 205*7c478bd9Sstevel@tonic-gate int getacna(char *, int); 206*7c478bd9Sstevel@tonic-gate int getacflg(char *, int); 207*7c478bd9Sstevel@tonic-gate 208*7c478bd9Sstevel@tonic-gate /* 209*7c478bd9Sstevel@tonic-gate * Functions that manipulate the audit control file 210*7c478bd9Sstevel@tonic-gate */ 211*7c478bd9Sstevel@tonic-gate 212*7c478bd9Sstevel@tonic-gate 213*7c478bd9Sstevel@tonic-gate au_acinfo_t *_openac(char *); 214*7c478bd9Sstevel@tonic-gate void _endac(au_acinfo_t *); 215*7c478bd9Sstevel@tonic-gate void _rewindac(au_acinfo_t *); 216*7c478bd9Sstevel@tonic-gate 217*7c478bd9Sstevel@tonic-gate int _getacdir(au_acinfo_t *, char *, int); 218*7c478bd9Sstevel@tonic-gate int _getaclib(au_acinfo_t *, kva_t **); 219*7c478bd9Sstevel@tonic-gate int _getacmin(au_acinfo_t *, int *); 220*7c478bd9Sstevel@tonic-gate int _getacna(au_acinfo_t *, char *, int); 221*7c478bd9Sstevel@tonic-gate int _getacflg(au_acinfo_t *, char *, int); 222*7c478bd9Sstevel@tonic-gate int _getacplug(au_acinfo_t *, kva_t **); 223*7c478bd9Sstevel@tonic-gate 224*7c478bd9Sstevel@tonic-gate /* 225*7c478bd9Sstevel@tonic-gate * Functions that manipulate audit masks 226*7c478bd9Sstevel@tonic-gate */ 227*7c478bd9Sstevel@tonic-gate 228*7c478bd9Sstevel@tonic-gate extern int au_user_mask(char *, au_mask_t *); 229*7c478bd9Sstevel@tonic-gate extern int getauditflagsbin(char *, au_mask_t *); 230*7c478bd9Sstevel@tonic-gate extern int getauditflagschar(char *, au_mask_t *, int); 231*7c478bd9Sstevel@tonic-gate extern int getfauditflags(au_mask_t *, au_mask_t *, au_mask_t *); 232*7c478bd9Sstevel@tonic-gate 233*7c478bd9Sstevel@tonic-gate /* 234*7c478bd9Sstevel@tonic-gate * Functions that do system calls 235*7c478bd9Sstevel@tonic-gate */ 236*7c478bd9Sstevel@tonic-gate 237*7c478bd9Sstevel@tonic-gate extern int audit(char *, int); 238*7c478bd9Sstevel@tonic-gate extern int auditon(int, caddr_t, int); 239*7c478bd9Sstevel@tonic-gate extern int auditstat(au_stat_t *); 240*7c478bd9Sstevel@tonic-gate extern int auditsvc(int, int); 241*7c478bd9Sstevel@tonic-gate extern int auditdoor(int); 242*7c478bd9Sstevel@tonic-gate extern int audituser(char *); 243*7c478bd9Sstevel@tonic-gate extern int getaudit(auditinfo_t *); 244*7c478bd9Sstevel@tonic-gate extern int getaudit_addr(auditinfo_addr_t *, int); 245*7c478bd9Sstevel@tonic-gate extern int getauid(au_id_t *); 246*7c478bd9Sstevel@tonic-gate extern int getkernstate(au_mask_t *); 247*7c478bd9Sstevel@tonic-gate extern int getuseraudit(au_id_t, au_mask_t *); 248*7c478bd9Sstevel@tonic-gate extern int setaudit(auditinfo_t *); 249*7c478bd9Sstevel@tonic-gate extern int setaudit_addr(auditinfo_addr_t *, int); 250*7c478bd9Sstevel@tonic-gate extern int setauid(au_id_t *); 251*7c478bd9Sstevel@tonic-gate extern int setkernstate(au_mask_t *); 252*7c478bd9Sstevel@tonic-gate extern int setuseraudit(au_id_t, au_mask_t *); 253*7c478bd9Sstevel@tonic-gate 254*7c478bd9Sstevel@tonic-gate #define BSM_TEXTBUFSZ 256 /* size of string for generic text token */ 255*7c478bd9Sstevel@tonic-gate 256*7c478bd9Sstevel@tonic-gate /* 257*7c478bd9Sstevel@tonic-gate * Defines for au_preselect(3) 258*7c478bd9Sstevel@tonic-gate */ 259*7c478bd9Sstevel@tonic-gate #define AU_PRS_SUCCESS 1 260*7c478bd9Sstevel@tonic-gate #define AU_PRS_FAILURE 2 261*7c478bd9Sstevel@tonic-gate #define AU_PRS_BOTH (AU_PRS_SUCCESS|AU_PRS_FAILURE) 262*7c478bd9Sstevel@tonic-gate 263*7c478bd9Sstevel@tonic-gate #define AU_PRS_USECACHE 0 264*7c478bd9Sstevel@tonic-gate #define AU_PRS_REREAD 1 265*7c478bd9Sstevel@tonic-gate 266*7c478bd9Sstevel@tonic-gate /* 267*7c478bd9Sstevel@tonic-gate * Defines for cacheauclass and cacheauevent 268*7c478bd9Sstevel@tonic-gate */ 269*7c478bd9Sstevel@tonic-gate #define AU_CACHE_FREE 0x0000 270*7c478bd9Sstevel@tonic-gate #define AU_CACHE_NAME 0x0001 271*7c478bd9Sstevel@tonic-gate #define AU_CACHE_NUMBER 0x0002 272*7c478bd9Sstevel@tonic-gate 273*7c478bd9Sstevel@tonic-gate /* Flags for user-level audit routines: au_open, au_close, au_to_ */ 274*7c478bd9Sstevel@tonic-gate #define AU_TO_NO_WRITE 0 275*7c478bd9Sstevel@tonic-gate #define AU_TO_WRITE 1 276*7c478bd9Sstevel@tonic-gate 277*7c478bd9Sstevel@tonic-gate /* Flags for user-level audit routine: au_fetch_tok */ 278*7c478bd9Sstevel@tonic-gate #define AUF_NOOP 0x0000 279*7c478bd9Sstevel@tonic-gate #define AUF_POINT 0x0001 280*7c478bd9Sstevel@tonic-gate #define AUF_DUP 0x0002 281*7c478bd9Sstevel@tonic-gate #define AUF_COPY_IN 0x0004 282*7c478bd9Sstevel@tonic-gate #define AUF_SKIP 0x0008 283*7c478bd9Sstevel@tonic-gate 284*7c478bd9Sstevel@tonic-gate /* system audit files for auditd */ 285*7c478bd9Sstevel@tonic-gate #define AUDITCLASSFILE "/etc/security/audit_class" 286*7c478bd9Sstevel@tonic-gate #define AUDITCONTROLFILE "/etc/security/audit_control" 287*7c478bd9Sstevel@tonic-gate #define AUDITDATAFILE "/etc/security/audit_data" 288*7c478bd9Sstevel@tonic-gate #define AUDITEVENTFILE "/etc/security/audit_event" 289*7c478bd9Sstevel@tonic-gate #define AUDITUSERFILE "/etc/security/audit_user" 290*7c478bd9Sstevel@tonic-gate 291*7c478bd9Sstevel@tonic-gate /* array sizes for audit library structures */ 292*7c478bd9Sstevel@tonic-gate #define AU_CLASS_NAME_MAX 8 293*7c478bd9Sstevel@tonic-gate #define AU_CLASS_DESC_MAX 72 294*7c478bd9Sstevel@tonic-gate #define AU_EVENT_NAME_MAX 30 295*7c478bd9Sstevel@tonic-gate #define AU_EVENT_DESC_MAX 50 296*7c478bd9Sstevel@tonic-gate #define AU_EVENT_LINE_MAX 256 297*7c478bd9Sstevel@tonic-gate 298*7c478bd9Sstevel@tonic-gate /* 299*7c478bd9Sstevel@tonic-gate * Some macros used internally by the nsswitch code 300*7c478bd9Sstevel@tonic-gate */ 301*7c478bd9Sstevel@tonic-gate #define AUDITUSER_FILENAME "/etc/security/audit_user" 302*7c478bd9Sstevel@tonic-gate #define AUDITUSER_DB_NAME "audit_user.org_dir" 303*7c478bd9Sstevel@tonic-gate #define AUDITUSER_DB_NCOL 3 /* total columns */ 304*7c478bd9Sstevel@tonic-gate #define AUDITUSER_DB_NKEYCOL 1 /* total searchable columns */ 305*7c478bd9Sstevel@tonic-gate #define AUDITUSER_DB_TBLT "audit_user_tbl" 306*7c478bd9Sstevel@tonic-gate #define AUDITUSER_SUCCESS 0 307*7c478bd9Sstevel@tonic-gate #define AUDITUSER_PARSE_ERANGE 1 308*7c478bd9Sstevel@tonic-gate #define AUDITUSER_NOT_FOUND 2 309*7c478bd9Sstevel@tonic-gate 310*7c478bd9Sstevel@tonic-gate #define AUDITUSER_COL0_KW "name" 311*7c478bd9Sstevel@tonic-gate #define AUDITUSER_COL1_KW "always" 312*7c478bd9Sstevel@tonic-gate #define AUDITUSER_COL2_KW "never" 313*7c478bd9Sstevel@tonic-gate 314*7c478bd9Sstevel@tonic-gate /* 315*7c478bd9Sstevel@tonic-gate * indices of searchable columns 316*7c478bd9Sstevel@tonic-gate */ 317*7c478bd9Sstevel@tonic-gate #define AUDITUSER_KEYCOL0 0 /* name */ 318*7c478bd9Sstevel@tonic-gate 319*7c478bd9Sstevel@tonic-gate 320*7c478bd9Sstevel@tonic-gate #ifdef __cplusplus 321*7c478bd9Sstevel@tonic-gate } 322*7c478bd9Sstevel@tonic-gate #endif 323*7c478bd9Sstevel@tonic-gate 324*7c478bd9Sstevel@tonic-gate #endif /* _BSM_LIBBSM_H */ 325