I'm looking to write a fairly simple (at least at first) module that I can use to just log all of the commands root executes on a machine. I think LSM is probably the best way to handle this from what I've read so far, but I'm having trouble getting started.

I've been reviewing the general Linux kernel module documentation already. I've done some work there before, though mostly in patches. The root plug module is interesting... but the code doesn't (at least at first blush) seem to reflect the current code. Is it more up to date than it seems to my untrained eyes?

I'm curious if there are some other examples out there that I can look at? Preferably something simpler to get into than, say, SELinux. Or is there some documentation I can read? I looked over the documentation at immunix.org (http://immunix.org), but it is mostly an overview and then a list of functions. Valuable and appreciated to be sure, but I was hoping for a bit more detail on the concepts and such.

Thanks
This archive was generated by hypermail 2.1.3 : Thu Oct 27 2005 - 16:02:18 PDT