linux-audit.redhat.com archive mirror
 help / color / mirror / Atom feed
* Audit status update
@ 2023-10-24 18:53 Steve Grubb
  0 siblings, 0 replies; only message in thread
From: Steve Grubb @ 2023-10-24 18:53 UTC (permalink / raw)
  To: linux-audit

Hello,

Back in August I wrote an email detailing changes for an audit 4.0 release:
https://listman.redhat.com/archives/linux-audit/2023-August/020036.html

At this point, all changes have been made. I would like to ask anyone at a 
distribution to please pull the master branch and give it a try. It is 
suggested to package audit-rules, auditctl, and augenrule + the new systemd 
service separately. 

In order for the new audit-rules.service to be enabled out of the box, you 
will also need to coordinate a systemd preset. On Fedora, that would be:

 /usr/lib/systemd/system-preset/90-default.preset

which now includes:

enable auditd.service
enable audit-rules.service

I am aiming this change for Fedora 40 since that is the current one in 
development. Getting this enabled by default on Fedora requires a ticket and 
approval. I could imagine there are are similar procedures at other distros. 
Meaning when audit-4.0 is released, it may take some time before you see it 
in a distro.

The python updates required splitting libaudit.h into 2 files. The new file 
audit-logging.h is included by libaudit.h, so no user visible changes should 
be noticed.

Also, by restricting the API in the python bindings, I only know of one 
application that was relying on the extended API, setroubleshoot. Be on the 
lookout for other applications that might be broken.

The current master branch will be tagged as 4.0 alpha which is for testing. 
Please check this soon...because...the audit mail list might be going away 
soon. I am trying to preserve it but I think we are running out of time and 
options. If we lose the mail list, report items on github. And if I can 
arrange a new mail list, I will point to it from my people.redhat.com page.

Lastly, there is a new github branch, audit-3.1-maint. I have cherry-picked 
patches that I think are important for a 3.1.3 release if that ever happens. 
But know that I am not testing it and a release may never happen. Treat it 
more as a suggestion of patches you might want to include during any 
maintenance release you might do.

Please let me know any issues found in testing. Audit-4.0 will be released in 
the next month or so depending on feedback and FESCO approval.

Best Regards,
-Steve


--
Linux-audit mailing list
Linux-audit@redhat.com
https://listman.redhat.com/mailman/listinfo/linux-audit


^ permalink raw reply	[flat|nested] only message in thread
only message in thread, other threads:[~2023-10-24 18:54 UTC | newest]

Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2023-10-24 18:53 Audit status update Steve Grubb

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).