[redhat-lspp] auditing under lspp
Dustin Kirkland
dustin.kirkland at us.ibm.com
Wed Sep 21 21:29:16 UTC 2005
On 9/21/05, Steve Grubb <sgrubb at redhat.com> wrote:
> On Wednesday 21 September 2005 15:25, Timothy R. Chavez wrote:
> > So -t user and -t, seems a little ambiguous :)?
Agreed.
> I was thinking to create name spaces so that the command is structured
> more like
>
> auditctl <subsystem> [options]
>
> where subsystem is syscall, file, net, keys, config, ...
> and no subsystem defaults to syscall. This is kind of like the ip
> command. The subsystem would basically decide which getopt to call. Is
> that too confusing?
I think this is accomplished pretty successfully with the mdadm RAID
tools command. And I don't think that this necessarily steps on top of
what Tim is suggesting... I think it's a *great* idea to support both
--filter and -F. That would really make some of the more complicated
controls self-documenting.
:-Dustin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://listman.redhat.com/archives/redhat-lspp/attachments/20050921/ccacd328/attachment.sig>
More information about the redhat-lspp
mailing list