Hi,
It was suggested to me that perhaps splitting out auditctl's functionality
logically into separate tools might be something to consider. For instance,
adding and removing rules could be done by the 'aurule' command, leaving
'auditctl' to handle things like backlog, rate limits, enabling and disabling
of the audit subsystem, etc. I have to admit, I quite like the idea.
I'm not a big fan of all-in-wonder tools and think that, if we could, we should split
auditctl up before it turns into a menagerie of ideas that are linked simply
by the fact they interact or utilize the audit subsystem in some way, shape,
or form.
-tim