Thanks Steve!
Looks like you are making good progress. Any trouble spots?
Merry
On Fri, 2005-02-11 at 14:54, Steve Grubb wrote:
Hi,
A new version of auditd has been released. You can download it from:
http://people.redhat.com/sgrubb/audit
Some of the changes:
- Add R option to auditctl to allow reading rules from file.
- Do not allow task creation list to have syscall auditing
- Add D option to allow deleting all rules with 1 command
- Added pam_audit man page & sample.rules
- Mod initscript to call auditctl to load rules at start-up
- Write message to log file for daemon start up
- Write message that daemon is shutting down
- Modify auditd shutdown to wait until logger thread is finished
- Fix bug where extra info was appended to some messages
This version now supports reading a set of rules when the daemon is started.
Edit the file: /etc/audit.rules and place the auditctl commands. There is a
sample audit rules file included. Look for sample.rules.
Compiled versions will be available in rawhide tomorrow morning.
-Steve Grubb
--
Linux-audit mailing list
Linux-audit(a)redhat.com
http://www.redhat.com/mailman/listinfo/linux-audit
--
Merry Beekman
Sr. Program Marketing Manager
Red Hat
1608 Spring Hill Rd. Suite 350
Vienna, VA 22182
703.356.2803 x62401