I’m trying to document the Linux Audit-Subsystem in a “white paper”. The target is a distribution-agnostic presentation. That doesn’t mean I can’t mention OpenSuSE, or reference documentation in the end-notes.
I’m currently reading:
Linux Audit-Subsystem Design Documentation for Kernel 2.6, Version 0.1 ( PDF ).
I’m also interested in other documentation that discusses Linux auditing, authentication and access control, and other security related issues such as encryption. The target is Linux used as a server, as opposed to as an end user workstation.
The more recent the documentation, the better.