satread(2)                                                          satread(2)


NAME
     satread - read a block of audit record data

C SYNOPSIS
     #include <sys/sat.h>

     int satread (char *buffer, unsigned nbytes)

DESCRIPTION
     satread attempts to read nbytes bytes from the security audit trail
     record queue into the buffer pointed to by buffer.

     satread destroys the data that has been read.  A subsequent satread call
     will read new and different data.

ERRORS
     satread will fail if one or more of the following are true:

     [ENOPKG]       Audit is not configured on this system.

     [EPERM]        The caller doesn't have CAP_AUDIT_CONTROL capability.

     [EFAULT]       data cannot be copied from the kernel into buffer.

     [EACCES]       the caller's process label does not dominate dbadmin,
                    which is to say, it must dominate MsenAdmin,MintHigh.

     [EACCES]       there is a sat daemon running on the system, and the
                    caller is not that daemon.

RETURN VALUE
     A return value of -1 indicates an error and errno is set to indicate the
     error.  Otherwise the number of bytes copied into buffer is returned.

SEE ALSO
     satd(1m), satoff(2), saton(2), satstate(2), satwrite(2)

ORIGIN
     Silicon Graphics, Inc.


                                                                        Page 1