libprelude in RHEL 6
Steve Grubb
sgrubb at redhat.com
Sun Jan 16 16:56:00 UTC 2011
On Sunday, January 16, 2011 10:43:46 am Joe Nall wrote:
> On Jan 16, 2011, at 8:33 AM, Steve Grubb wrote:
> > On Saturday, January 15, 2011 03:09:05 pm Joe Nall wrote:
> >> I can find libprelude-devel.x86_64 in the RHEL 6 repos, but not
> >> libprelude or the i686 versions. Did I miss a rename, repackage or a
> >> repo?
> >
> >
> >
> > I can't find 'libprelude-*' in any RHEL6 variant. The spec file for the
> > audit daemon on RHEL6 also makes no "BuildRequires" statements on
> > libprelude-*. Fedora, on the otherhand, is different.
>
> Ok, I found libprelude-devel-0.9.24.1-1.el6.x86_64.rpm in one of our repos,
> so that explains where it came from.
>
> So no Prelude in RHEL 6?
Nope.
> Is the functionality incorporated into some other RH offering?
Not that I know of. But just to give you some idea of what I am thinking about...I am
on the editorial board of CEE. http://cee.mitre.org/ The main developer of rsyslog
is also on that board. He has been working on an implementation:
http://blog.gerhards.net/2010/10/cee-library-will-be-named-libee.html. And
http://doc.libee.org.
What I am thinking about is making a plugin that can take native audit events and put
them into CEE events. That would open the Linux Audit system to future SCAP tools. Its
a lot of work and that's why we started open-scap a couple years ago. I don't expect a
CEE based system to materialize over night. There are still lots of standards work to
do.
-Steve
More information about the Linux-audit
mailing list