Hello, This is to let everyone know that audit-3.0 pre-release is coming to rawhide. The big change that is prompting this email is that there is a config change that people might need to be aware of. One of the improvements is to drop audispd (realtime audit event dispatcher) and merge its functionality into auditd. This will eliminate one source of overflow messages and decrease the time from event occurrence to plugin seeing it. But since audispd doesn't exist anymore, I think that the location for the plugin directory should be moved from /etc/audisp/plugins.d/ to /etc/audit/plugins.d/. This way we have all audit config items in one place for the first time. I have already coordinated this with the selinux team. They are moving the selinux troubleshooter plugin and adjusting selinux policy for the new locations and transitions from auditd to the plugins. I don't know if there are any people beyond the selinux team that makes use of the audit dispatcher plugin capabilities for real time audit analysis. But that is why I'm doing a pre-release and making this announcment. Audit-3.0 is only intended for F29 and higher. It will never be backported to anything less because of these changes. Thanks, -Steve _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx/message/3WFESZQ3SE5JWI7EFWTD57AVNFFNJJBJ/
