audit 2.7.8 released

All of lore.kernel.org
 help / color / mirror / Atom feed

* audit 2.7.8 released
@ 2017-09-18 18:31 Steve Grubb
  2017-09-19 12:34 ` Ryan Sawhill
  0 siblings, 1 reply; 2+ messages in thread
From: Steve Grubb @ 2017-09-18 18:31 UTC (permalink / raw)
  To: linux-audit

Hello,

I've just released a new version of the audit daemon. It can be downloaded 
from http://people.redhat.com/sgrubb/audit. It will also be in rawhide
soon. The ChangeLog is:

- Add config option to auditd to not verify email addr domain (#1406887)
- When auditd forwards events to disptcher, calculate protocol each event
- In auditd, restore umask after creating log file (Avi Yeger)
- Add a realpath interpretation function that resolves whole path in auparse
- In audispd, strip out EOE events for syslog plugin
- In python 2 bindings, fix AUSOURCE_FILE_POINTER to use new FILE * (#1475998)
- In python bindings, check NULL return for auparse_get_type_name (#1482121)
- Make auparse more robust against misuse of the API (#1482121)
- Add USER_DEVICE record type
- In auditd, do not use '?' for auid when signal sender is unknown
- In ausearch, write checkpoint inode in decimal to be easier to use
- In auparse-normalizer, correct attr's collected for mount object

This update fixes a number of bugs reported through bugzilla. There was a 
problem doing aggregated logging when in a mixed environment. This has been 
corrected to calculate the protocol being used on a per event basis. A 
realpath resolving option has been added to auparse. This does require root 
privileges to fully use. In audispd, strip out EOE events for syslog plugin. 
Fixed an issue where auparse python biindings was causing a crash when a FILE 
* was passed to auparse_init. Another python binding bug was fixed where it 
was not checking the returned string of auparse_get_type_name() for NULL. And 
some code cleanups were done.

SHA256: 57b5ae5697f288b8e53286eacd1c6c2e88bd65db18df3d855332fc63b302fdae

Please let me know if you run across any problems with this release.

-Steve

^ permalink raw reply	[flat|nested] 2+ messages in thread

* Re: audit 2.7.8 released
  2017-09-18 18:31 audit 2.7.8 released Steve Grubb
@ 2017-09-19 12:34 ` Ryan Sawhill
  0 siblings, 0 replies; 2+ messages in thread
From: Ryan Sawhill @ 2017-09-19 12:34 UTC (permalink / raw)
  To: Steve Grubb; +Cc: linux-audit


[-- Attachment #1.1: Type: text/plain, Size: 89 bytes --]

You rock Steve. Thank you for your tireless work maintaining audit over all
these years.

[-- Attachment #1.2: Type: text/html, Size: 141 bytes --]

[-- Attachment #2: Type: text/plain, Size: 0 bytes --]



^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2017-09-19 12:34 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2017-09-18 18:31 audit 2.7.8 released Steve Grubb
2017-09-19 12:34 ` Ryan Sawhill

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.