audit-1.8 released
Steve Grubb
sgrubb at redhat.com
Thu Oct 27 15:33:18 UTC 2011
On Thursday, October 27, 2011 10:35:55 AM Steve Grubb wrote:
> I've just released a new version of the (old) audit daemon. It can be
> downloaded from http://people.redhat.com/sgrubb/audit. The ChangeLog is:
>
> - Performance improvements for ausearch/report
> - Fix debug output resolving numeric address
> - Fix spelling error in audit.rules (#667845)
> - Improve warning in auditctl regarding immutable mode (#654883)
> - In ausearch, allow searching for auid -1
> - Fix memory leak in aureport
> - Fix parsing state problem in libauparse
> - Update prelude support
> - Add new event types
> - Update syscall tables
> - On i386, audit rules do not work on inode's with a large number
> - Improve the robustness of libaudit field encoding functions
> - Add optional ARM processor support
> - Fix autrace to use correct syscalls on i386 systems (Peng Haitao)
> - In auparse, add ability to interpret session and capabilities
> - Add ability for audispd syslog plugin to choose facility local0-7
> - Report server issues to remote client
> - Update ausearch parsing
> - Update auparse to handle virt events
> - Make audisp-remote robust
> - Add 2 error returns to python bindings
> - Update the man pages a little
> - Add some debug info to audidp-remote startup and shutdown
> - In auditd, if disk_error_action is ignore, limit syslog messages to 5
> - Fix some memory leaks
>
> This does not even really capture all the updates to this branch. This is
> intended to be the final release of the 1.x series. This release backports
> everything I possibly can from trunk to the old daemon. With all these
> fixes, its a big update. Please test it if you use the 1.x series.
>
> Please let me know if you run across any problems with this release.
And promptly found a compile problem on old systems. You might need this patch:
https://fedorahosted.org/audit/changeset/601
-Steve
More information about the Linux-audit
mailing list