audit 1.4 released

audit 1.4 released

[Steve Grubb]

Hi,

I've just released a new version of the audit daemon. It can be downloaded 
from http://people.redhat.com/sgrubb/audit  It will also be in rawhide  
tomorrow. The Changelog is:

- New report about authentication attempts
- Updates for python 2.5
- update autrace to have resource usage mode
- update auditctl to support immutable config
- added audit_log_user_command function to api
- interpret capabilities
- added audit event parsing library
- updates for 2.6.20 kernel

There is a major new feature in this release. This represents the first cut at 
the audit parsing library. This version should be mostly complete except the 
audit searching functions. They will be filled in during subsequent updates. 
There is a test program in auparse/test that can be used to exercise the code 
that is in the library. This drop also includes python bindings.

Please let me know if there are any problems with this release.

-Steve

Re: audit 1.4 released

[Matthew Booth]

[-- Attachment #1.1: Type: text/plain, Size: 303 bytes --]

On Sun, 2007-02-04 at 18:11 -0500, Steve Grubb wrote:
> - added audit_log_user_command function to api

Where can I read about this one?

Matt
-- 
Red Hat, Global Professional Services

M:       +44 (0)7977 267231
GPG ID:  D33C3490
GPG FPR: 3733 612D 2D05 5458 8A8A 1600 3441 EA19 D33C 3490

[-- Attachment #1.2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 189 bytes --]

[-- Attachment #2: Type: text/plain, Size: 0 bytes --]

Re: audit 1.4 released

[Steve Grubb]

On Sunday 04 February 2007 18:44, Matthew Booth wrote:
> Where can I read about this one?

I haven't made a man page for it due to trying to get the parsing library out 
asap. However, in the source code just above the function are some comments 
describing it. (lib/audit_logging.c I think.)

This function is required for a patch that I have for bash to log all actions 
by privileged users (root).

-Steve