diff options
Diffstat (limited to 'libseaudit/include/seaudit/log.h')
| -rw-r--r-- | libseaudit/include/seaudit/log.h | 162 |
1 files changed, 162 insertions, 0 deletions
diff --git a/libseaudit/include/seaudit/log.h b/libseaudit/include/seaudit/log.h new file mode 100644 index 0000000..b94a2a1 --- /dev/null +++ b/libseaudit/include/seaudit/log.h @@ -0,0 +1,162 @@ +/** + * @file + * + * Public interface for the main libseaudit object, seaudit_log. + * Note that there is no public way to get at the messages stored + * within a model. For that, the caller must create a seaudit_model + * and then access messages through the model. + * + * @author Jeremy A. Mowery jmowery@tresys.com + * @author Jason Tang jtang@tresys.com + * @author Jeremy Solt jsolt@tresys.com + * + * Copyright (C) 2003-2007 Tresys Technology, LLC + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA + */ + +#ifndef SEAUDIT_LOG_H +#define SEAUDIT_LOG_H + +#ifdef __cplusplus +extern "C" +{ +#endif + +#include <stdarg.h> +#include <apol/vector.h> + + typedef struct seaudit_log seaudit_log_t; + typedef void (*seaudit_handle_fn_t) (void *arg, const seaudit_log_t * log, int level, const char *fmt, va_list va_args); + +/** + * Define the types of logs that this library can parse. + */ + typedef enum seaudit_log_type + { + SEAUDIT_LOG_TYPE_INVALID = 0, + SEAUDIT_LOG_TYPE_SYSLOG, + SEAUDIT_LOG_TYPE_AUDITD + } seaudit_log_type_e; + +/** + * Allocate and initialize a new seaudit log structure. This + * structure holds log messages from one or more files; call + * seaudit_log_parse() to actually add messages to this log. + * + * @param fn Function to be called by the error handler. If NULL + * then write messages to standard error. + * @param callback_arg Argument for the callback. + * + * @return A newly allocated and initialized seaudit log structure or + * NULL on error; if the call fails, errno will be set. The caller is + * responsible for calling seaudit_log_destroy() to free memory used + * by this structure. + */ + extern seaudit_log_t *seaudit_log_create(seaudit_handle_fn_t fn, void *callback_arg); + +/** + * Free all memory used by an seaudit log structure and set it to + * NULL. + * + * @param log Reference pointer to the log structure to destroy. This + * pointer will be set to NULL. (If already NULL, function is a + * no-op.) + */ + extern void seaudit_log_destroy(seaudit_log_t ** log); + +/** + * Remove all messages from the log. The next time the model(s) that + * are watching this log are accessed, they will be refreshed. Note + * that any existing pointers to messages within this log will become + * invalid. (This function does not actually delete the log file from + * disk; it just removes them from memory.) + * + * @param log Log to clear. + */ + extern void seaudit_log_clear(seaudit_log_t * log); + +/** + * Return a vector of strings corresponding to all users found within + * the log file. The vector will be sorted alphabetically. + * + * @param log Log file to access. + * + * @return Vector of sorted users, or NULL upon error. The caller + * must call apol_vector_destroy() upon the return value. + */ + apol_vector_t *seaudit_log_get_users(const seaudit_log_t * log); + +/** + * Return a vector of strings corresponding to all roles found within + * the log file. The vector will be sorted alphabetically. + * + * @param log Log file to access. + * + * @return Vector of sorted roles, or NULL upon error. The caller + * must call apol_vector_destroy() upon the return value. + */ + apol_vector_t *seaudit_log_get_roles(const seaudit_log_t * log); + +/** + * Return a vector of strings corresponding to all types found within + * the log file. The vector will be sorted alphabetically. + * + * @param log Log file to access. + * + * @return Vector of sorted types, or NULL upon error. The caller + * must call apol_vector_destroy() upon the return value. + */ + apol_vector_t *seaudit_log_get_types(const seaudit_log_t * log); + +/** + * Return a vector of strings corresponding to all mls levels found within + * the log file. The vector will be sorted alphabetically. + * + * @param log Log file to access. + * + * @return Vector of sorted types, or NULL upon error. The caller + * must call apol_vector_destroy() upon the return value. + */ + apol_vector_t *seaudit_log_get_mls_lvl(const seaudit_log_t * log); + +/** + * Return a vector of strings corresponding to all mls clearance found within + * the log file. The vector will be sorted alphabetically. + * + * @param log Log file to access. + * + * @return Vector of sorted types, or NULL upon error. The caller + * must call apol_vector_destroy() upon the return value. + */ + apol_vector_t *seaudit_log_get_mls_clr(const seaudit_log_t * log); + +/** + * Return a vector of strings corresponding to all object classes + * found within the log file. The vector will be sorted + * alphabetically. + * + * @param log Log file to access. + * + * @return Vector of sorted classes, or NULL upon error. The caller + * must call apol_vector_destroy() upon the return value. + */ + apol_vector_t *seaudit_log_get_classes(const seaudit_log_t * log); + +#ifdef __cplusplus +} +#endif + +#endif |