On Tuesday 07 August 2007 10:10:07 am Klaus Heinrich Kiwi wrote: > I'm interested in developing an audit plug-in to forward events to z/OS > RACF (sort of a centralized AAA facility for IBM System Z systems).
Nice. > What is your general idea for audit plug-ins deploymet? You would drop a config file into /etc/audisp/plugins.d and it contains the information to tell the dispatcher what to do. I think there are a couple in audit-1.5.7/new_audispd/configs to look at for an example. > Would we be able to contribute the plug-ins to the audit userspace so that > they can be available in the audit source package, and then maybe in a > separate binary package upon building? That sounds good unless... > Can you give us some hints about how would you want this code contributions > and how would you want these blended in the audit tree? I'm wanting to keep the audit code GPLv2+ and the libraries LGPLv2+ so that if there is any compelling reason to change licenses that the project can do that. But I don't have any immediate plans to change to v3 right now. I would like to just create a plugins directory under audit-1.5.7/new_audispd and then each plugin under that. I'm looking to move the project to Feodora's cvs facilities sometime soon. So, maybe the 1.5.8 release I could merge any plugins? I also need to do a quick write-up for what is expected of a plugin before I start accepting them. -Steve -- Linux-audit mailing list [email protected] https://www.redhat.com/mailman/listinfo/linux-audit
