diff --git a/back_pwquality.sh b/back_pwquality.sh
index 1cc27c6..29e27a7 100644
--- a/back_pwquality.sh
+++ b/back_pwquality.sh
@@ -1,19 +1,7 @@
 #!/bin/bash
 set -e
-DESTDIR="${DESTDIR:-}"
-PWQUALITY_CONF_FILE="${DESTDIR}/etc/security/pwquality.conf"
-INTERNAL_DIR='/var/lib/linux-infosec-setupper'
 
-_check_argument() {
-	case "$1" in
-	
-	if [[ "$1" == [0-9]* ]]; then
-		return 0
-	else
-		printf $"Argument to %s must be a number" "$2"
-		return 1
-	fi
-}
+source common.sh
 
 _mk_pwquality_conf() {
 	local difok=1 \
diff --git a/common.sh b/common.sh
new file mode 100644
index 0000000..11bbba4
--- /dev/null
+++ b/common.sh
@@ -0,0 +1,20 @@
+# prefix for testing
+DESTDIR="${DESTDIR:-}"
+PWQUALITY_CONF_FILE="${DESTDIR}etc/security/pwquality.conf"
+INTERNAL_DIR="${DESTDIR}var/lib/linux-infosec-setupper"
+# /etc/audit/audit.rules is generated automatically from /etc/audit/rules.d/*,
+# do not edit it; also do not edit any other files, work only with ours,
+# assume that there are no other configs or they have lower priority
+AUDIT_RULES_FILE=${DESTDIR}etc/audit/rules.d/90-linux-infosec-setupper.rules
+AUDIT_DAEMON_CONFIG=${DESTDIR}etc/audit/auditd.conf
+
+_check_argument() {
+	case "$1" in
+	
+	if [[ "$1" == [0-9]* ]]; then
+		return 0
+	else
+		printf $"Argument to %s must be a number" "$2"
+		return 1
+	fi
+}
diff --git a/mikhailnov.sh b/mikhailnov.sh
index e69de29..510e2e0 100755
--- a/mikhailnov.sh
+++ b/mikhailnov.sh
@@ -0,0 +1,7 @@
+_is_auditd_enabled(){
+	# may add additional checks later
+	systemctl is-active -q autitd
+}
+
+_mk_audit
+