audit-2.1.3 released
Steve Grubb
sgrubb at redhat.com
Mon Aug 15 18:10:40 UTC 2011
Hi,
I've just released a new version of the audit daemon. It can be downloaded
from http://people.redhat.com/sgrubb/audit. It will also be in rawhide
soon. The ChangeLog is:
- Fix parsing of EXECVE records to not escape argc field
- If auditd's disk is full, send the right reason to client (#715315)
- Add CAP_WAKE_ALARM to interpretations
- Some updates to audisp-remote's remote-fgets function (Mirek Trmac)
- Add detection of TTY events to audisp-prelude (Matteo Sessa)
- Updated syscall tables for the 3.0 kernel
- Update linker flags for better relro support
- Make default size of logs bigger (#727310)
- Extract obj from NETFILTER_PKT events
- Disable 2 kerberos config options in audisp-remote.conf
This update is mostly parser and remote logging fixes. The syscall table was also
updated for the 3.0 kernel and the resulting files were hardened further with gcc
linker flags.
Please let me know if you run across any problems with this release.
-Steve
More information about the Linux-audit
mailing list