Version 1.1.4 of the Cmd Audit agent introduces support for Oracle Linux 7 and 8, resolves an incompatibility with SELinux, fixes an issue that could result in duplicate entries representing the same server, and makes an assortment of minor improvements.
Support for Oracle Linux
The agent now supports Oracle Linux 7 with RHCK and UEK kernels 3.10+, and Oracle Linux version 8 with RHCK and UEK kernels 4.18+. Deploy to your heart's content!
Implemented a rewritten, BPF-specific SELinux policy that resolves all remaining SELinux issues. The agent and SELinux are now best friends.
Duplicate server entries
Resolved an issue where upgrading an agent could result in duplicate server entries — one for the pre-update, and one for the post-update server.
The agent more reliably records the current working directory (cwd) field of Exec events.
Fixed an installation issue related to FIPS mode on CentOS/RHEL/Oracle Linux.
If you have automatic agent updates enabled, this version will roll out automatically. Otherwise see our documentation for deployment instructions.