Re: Audit Parsing Library Requirements
On Thu, Mar 09, 2006 at 11:31:57AM -0600, Michael C Thompson wrote:
linux-audit-bounces(a)redhat.com wrote on 03/09/2006 11:08:05 AM:
> So you would likely do:
> ausearch_set_param("syscall", "open");
> ausearch_set_param("gid", "500");
Since you are eventually going after Python support, it would be awesome
if (in Pyhton) you could supply a list of pairs, since making multiple
calls is not very friendly.
The Python map() builtin can already do that for you:
map(set_param, ("syscall", "gid", "auid"),
("open", 500, 501))
or, if you prefer the list of pairs instead of separate lists:
map(set_param, *zip(("syscall", "open"), ("gid", 500),
("auid", 501)))
which could of course be wrapped into a set_params() helper function.
As a side note, the high-level interface should be smart enough to take
integers (or general printable objects) instead of insisting on strings.
This wouldn't need to be visible to the low-level interface.
-Klaus