From: Steve Grubb <sgrubb@redhat.com>
To: linux-audit@redhat.com
Subject: Audit status update
Date: Tue, 24 Oct 2023 14:53:52 -0400 [thread overview]
Message-ID: <10525971.nUPlyArG6x@x2> (raw)
Hello,
Back in August I wrote an email detailing changes for an audit 4.0 release:
https://listman.redhat.com/archives/linux-audit/2023-August/020036.html
At this point, all changes have been made. I would like to ask anyone at a
distribution to please pull the master branch and give it a try. It is
suggested to package audit-rules, auditctl, and augenrule + the new systemd
service separately.
In order for the new audit-rules.service to be enabled out of the box, you
will also need to coordinate a systemd preset. On Fedora, that would be:
/usr/lib/systemd/system-preset/90-default.preset
which now includes:
enable auditd.service
enable audit-rules.service
I am aiming this change for Fedora 40 since that is the current one in
development. Getting this enabled by default on Fedora requires a ticket and
approval. I could imagine there are are similar procedures at other distros.
Meaning when audit-4.0 is released, it may take some time before you see it
in a distro.
The python updates required splitting libaudit.h into 2 files. The new file
audit-logging.h is included by libaudit.h, so no user visible changes should
be noticed.
Also, by restricting the API in the python bindings, I only know of one
application that was relying on the extended API, setroubleshoot. Be on the
lookout for other applications that might be broken.
The current master branch will be tagged as 4.0 alpha which is for testing.
Please check this soon...because...the audit mail list might be going away
soon. I am trying to preserve it but I think we are running out of time and
options. If we lose the mail list, report items on github. And if I can
arrange a new mail list, I will point to it from my people.redhat.com page.
Lastly, there is a new github branch, audit-3.1-maint. I have cherry-picked
patches that I think are important for a 3.1.3 release if that ever happens.
But know that I am not testing it and a release may never happen. Treat it
more as a suggestion of patches you might want to include during any
maintenance release you might do.
Please let me know any issues found in testing. Audit-4.0 will be released in
the next month or so depending on feedback and FESCO approval.
Best Regards,
-Steve
--
Linux-audit mailing list
Linux-audit@redhat.com
https://listman.redhat.com/mailman/listinfo/linux-audit
reply other threads:[~2023-10-24 18:54 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=10525971.nUPlyArG6x@x2 \
--to=sgrubb@redhat.com \
--cc=linux-audit@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).