stevegrubb
commented
1 year ago It is possible to compile and use fapolicyd-1.2 on RHEL 8.8. However, the ability to have rule numbers added to audit events is dependent on a kernel patch that is not there.
MedDevSecSavvy
We're moving to RedHat 8.8 soon. The default fapolicyd that comes with OS is 1.1.3. The latest version available is 1.2. My questions: Can we download 1.2 and build it for 8.8? Are there any significant advantages in doing this? I assume RedHat back-ports features to earlier releases? As per release notes, 1.1.4 and later versions need OpenSSL 3.0. We do not have plans to move to 3.0. Is fapolicyd 1.2 available without OpenSSL 3.0 (alternatively can 1.2 work with older versions of openSSL?) Any feedback will be really helpful. Thanks