ABI guarantee for auditd

Thursday, 15 January 2015

Hi,

Sorry for the deluge of questions :)

Regarding auditd, what is the ABI guarantee ? Do you guarantee that the 
text contained in audit_reply->msg.data will always be the same format ? 
I imagine you reserve the right to add fields, but how about removing 
any or even reordering them ?

Or are people simply required to use auparse to guarantee they get 
records properly ?

Also, regarding 'unofficial' ABI compatibility, when has the 
audit_reply->msg.data format changed last ? Say these past 3-4 years, 
were there any changes in the format or could I use a faster, but 
specifically focused parser on the msgs when detecting older releases at 
least ?

Thanks,

Hassan

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

ABI guarantee for auditd