SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for sysdig-0.24.2-72.5.x86_64.rpm :

* Wed Feb 13 2019 Martin Pluskal - Update to version 0.24.2:
* Added the ability to specify a set of ports where data is captured with bigger snaplen (20000) (#1256)
* Made fd resolution work for getsockopt (#1280)
* Check getsockopt event before accessing it (#1284)
* Fixed snprintf placeholder for size_t/{u,}int64_t (#1279)
* Disabled reading environment from /proc by default (#1272)
* Excluding suppressed processes during initial /proc scan (#1269)
* Fixed Windows build in CYGWIN environment (#1270)
* Changes to eliminate warnings with gcc 5.4 (#1271)
* Trigger build errors for extra compiler warnings (#1265)
* Handling thread table overflows (#1263)
* Deleted threadinfos that we failed to add to the thread table (#1260)
* Reduce CPU usage (#1261)
* Lua parser interfaces (#1254)
* Fixed a compile issue when trying to make the project using VS2017 on Windows 10 (#1248)
* Added ifdef guards to socket options with (#1257),(#1258)
* Improved getsockopt()/setsockopt() support (#1188)
* Fix fd.net comparisons with in operator (#1252)
* Only check out sysdig for initial invocation (#1251)
* Build probe modules only with sysdig directory (#1244)
* Fixed spelling and copy/pased comment errors (#1250)- Changes for version 0.24.1:
* Fix struct packing- Changes for version 0.24.0:
* Switch to Apache 2.0 License: All userspace code moves from GPL to Apache 2 license. Kernel module switches to dual-license MIT + GPLv2. Enjoy! [#1233] [#1242]
* Complete IPv6 Support. Sysdig previously had partial IPv6 support, but this release rounds out full support for ipv6 addresses in filter fields, csysdig, etc. [#1204]
* loginuid support. Add user.loginuid & user.loginname to track login users, which do not change despite sudo/su operations. [#1189] [#1214] [#1218] [#1219] [#1227]
* Track connections by domain name: New fields fd.
*ip.name allow matching connection ips with resolved domain names. [#1213]
* Add endswith filter to support suffix matching on strings [#1209]
* Add minikube support to the kernel module probe loader script [#1205]
* Improve error string return handling at startup/when reading capture files [#1215]
* Disable boot2docker kernel module builds for pre-built kernel modules [#1232]
* eBPF Support Improvements/Fixes [#1235] [#1236] [#1237] [#1239]
* Improve/fix windows build [#1242]
* Don\'t drop setns events when in dropping mode [#1198]
* At startup, wait a bit for an existing sysdig-probe module to be unloaded before loading a new one [#1201]
* Support extracting container metadata for containers spawned with just an image id and not an image name [#1207]
* Properly extract image metadata when the image contains a host:port component [#1206]
* Minor compilation bug fixes [#1212]
* Small packaging fixes [#1228] [#1229] [#1231]
* Fix an inconsistency when writing capture files containing unknown fds [#1234]
* Mon Dec 17 2018 jloehelAATTsuse.com- Add needssslcertforbuild, so that the project certificate is available when signing the kernel.
* Tue Sep 04 2018 Martin Pluskal - Update to version 0.23.1:
* Fix ia32 check on BPF for 4.14 and 4.15 kernels
* Adjust wrong events lengths when reading older captures [#1195]
* More flexible captures: the flexibility of the capture format/reading process has been improved to allow backward and forward-compatibility [#1163]
* Support logging elapsed time on tracers [#1186]
* Fixes on custom containers support [#1170]
* Avoid invalid free() calls around m_suppressed_pointers [#1184]
* Properly set the address list total length when reading a capture [#1185]
* Mon Jul 23 2018 mpluskalAATTsuse.com- Update to version 0.22:
* eBPF support for sysdig: eBPF as the instrumentation backend in kernel space (beta)
* Parsing an argument passed to sysdig-probe-loader as a custom URL for the kernel module like -e SYSDIG_PROBE_URL=http://54.183.253.176:52354 [#1085]
* Several changes to expand the set of events that are skipped by falco, and to centralize the logic for knowing which events to skip [#1105]
* Improved proc lookup in libsinsp [#1107] [#1110] [#1112]
* Improved performance [#1126] [#1120] [#1121] [#1137]
* In dropping mode, drop events that don\'t change system state [#1123]
* Introduce non-STL thread table API [#1142]
* Add the ability to ignore events by process name (comm). At the scap level, ignoring is by tid. At the sinsp level, as threads are added/removed from the thread table the comm is checked against a set of comms and if found the tid is added to the scap-level ignore hash table [#1139]
* The container_manager can now receive callbacks to call when a new container is detected or an inactive one is removed [#1133]
* Add support for adding custom container types alongside Docker etc (on sinsp level) [#1149]
* Parse and store three new container_info fields: repository, tag and digest [#1127]
* Skip proc scan in sinsp_dumper w/ threads_from_sinsp=true [#1164]
* Allow k8s filterchecks with analyzer [#1160]
* When creating the sysdig docker image, add the ability to directly set the sysdig version via the environment variable SYSDIG_VERSION [#1166]- Drop upstreamed patch:
* sysdig_proto_ops_getname.patch
* Mon Jun 25 2018 joop.boonenAATTopensuse.org- Patch sysdig_proto_ops_getname.patch to fix build - Seth Forshee : Update for proto_ops.getname() prototype changes in Linux 4.17 (#1114)
* Thu May 10 2018 mpluskalAATTsuse.com- Update to version 0.21.0:
* Track Versioning in Capture Files: With this release, we will increment the pcap major/minor version in capture files when a release adds new event types, additional event fields, etc. that are incompatible with earlier sysdig versions. [#1081] [#1084]
* Add s390x as a platform using Docker [#1029]
* When saving container information, also store certain mesos-related environment information associated with the first process in the container [#1021] [#1057]
* New filtercheck fd.connected returns whether or not a network connection file descriptor is actually bound to a remote endpoint. Think of udp sockets that only use sendto() vs udp sockets that use connect() and then send(), or tcp sockets that have been created but not connect()ed yet. [#1051]
* New filtercheck fd.name_changed is true when an event changes the connection information for a connection fd. This can occur in some cases such as udp connections where a connect() changes the connection information for a fd.
* Make the thread table size configurable via sinsp::set_max_thread_table_size() [#1056]
* Add support for new AWS Linux 2 AMI [#1058]
* Add process group id to execve events [#1044] [#1080]
* Expand the set of system calls returned by the driver when in dropping mode [#1075]
* Handle AT_FDCWD arguments to linkat, openat, etc. and resolve the path relative to the cwd [#1020]
* Thu Mar 01 2018 mpluskalAATTsuse.com- Modernise spec file using spec-cleaner
* Thu Feb 08 2018 mpluskalAATTsuse.com- Update to version 0.20.0:
* Use dithered boxes to increase the number of available colors for spectrogram/subsecoffset views [#961] [#963] [#966]
* Add the ability to log json parse errors to a separate log file [#975] [#981] [#990]
* Update the embedded jsonpp implementation to 0.10.6 [#975] [#982]
* Reduce inactive container scan time from 20 minutes to 30 seconds [#985]
* Added the ability to parse and represent RAW sockets [#991]
* Handle finit_module syscall [#996] [#1001]
* Add error message when scap_open() is called with incorrect mode [#997]
* Use explicit versions for all Docker API Endpoints [#1000]
* Report more detailed errors when PPM_IOCTL_GET_N_TRACEPOINT_HIT fails [#1016]
* Add support for bpf/seccomp syscalls [#1031] [#1033]
* When trying to build the kernel module using dkms fails, include dkms.log output along with the failure [#1038]
* Mon Oct 09 2017 mpluskalAATTsuse.com- Update to version 0.19.1:
* Fix a compilation issue on old versions of kernels 2.6.32 shipped by RHEL/CentOS- Changes for version 0.19.0:
* Add per-cpu counters when a tracepoint is hit [#947]
* mq_unlink syscall reports as ptrace [#927]
* Fixed copy-paste typo [#946]
* expose the event masking/unmasking mechanism at the inspector level [#951]
* Fix targetViewFilter for \"Accessed Files\" in wsysdig_summary chisel [#952]
* Various improvements and fixes for Sysdig Inspect- Changes for version 0.18.0:
* Changed language of CLA to also cover government contributions [#902]
* Support mapped container docker networking mode, currently used by k8s pods [#922]
* Allow an external event capture dumper object to be used together with an inspector object [#912]
* Handle reading large execve args/env that might otherwise cause a page fault [#920]
* Add container events (container start/stop/etc) to capture files. In the future, will also be used for orchestrator information. [#935]
* Add the executable path as a filterable/displayable item proc.exepath [#845] [#934]
* Small README changes [#936]
* Support additional flags to clone() syscall [#909]
* Support page faults as events [#904]
* Support for upcoming visualization product [#931]
* Compilation fixes for sysdig monitor agent [#942]
* Fix minor problems found by valgrind [#938]
* Fix crash when reading large messages from docker daemon [#932]
* Better cleanup of failed installation of the sysdig driver under coreos [#926]
* Ensure that a parent\'s ptid is set when an execve fills in information on a new process [#914]
* Fix IN operator so it works with non-string values [#913]
* fix compile errors with newer versions of libcurl [#895] [#911]
* fix compile errors when O_DIRECTORY not defined [#907]
* Use session id, not process group id, for proc.sid [#904] [#905]
* Small docs fixes related to container.mount.
* [#901]
* Update installation script to use latest version of EPEL repository [#897]- Drop no longer needed sysdig-curlbuild.patch
* Tue Sep 05 2017 mpluskalAATTsuse.com- Fix building with recent curl (gh#draios/sysdig#895):
* sysdig-curlbuild.patch
* Mon Jul 31 2017 mpluskalAATTsuse.com- Update to version 0.17.0 (boo#1051562):
* New features: + Support netlink sockets [#809]
* Bug fixes: + Fix a bug on cgroups parsing that prevented sysdig to start [#835] + Allow sysdig to read k8s state from very large k8s environments [#856] + Improve compatibility with older linux kernels [#889] + Improve rkt detection by checking the existence of files into /var/lib/rkt [#893]
* Mon May 08 2017 mpluskalAATTsuse.com- Update to version 0.16.0:
* New features: + support for Kernel 4.11 + sysdig -N is now the default option, server port decoding can be reenabled with -R + Decode unshare syscall
* Bugfixes: + Fix rkt detection for containers created before sysdig runs + Fix container detection if docker itself is running inside a container + Fix detection of lxc containers + Fix compilation issues on RHEL5 + Fix memory leak on spy_users chisel
* Sun Apr 02 2017 mpluskalAATTsuse.com- Update to version 0.15.1 (boo#1032025):
* Bug fixes: + Fixed driver compilation issues on armv6l + Fixes on Kubernetes support + Regression on rkt detection #748 + Fixed high cpu usage when sysdig was used with -M parameter, #783 + Fixed a memory leak #772
* Tue Feb 28 2017 joop.boonenAATTopensuse.org- Update to version 0.15.0
* New Features + Support for Linux Kernel 4.10 + Use /proc//status instead of custom ioctl to get process vpid for kernels >= 4.1
* Bug fixes + Various fixes on Kubernetes ingestion + Fix some happening deadlocks in the driver when ioctl were exiting with error + Fix mkdir and rmdir events, they were skipped in case of page faults + Bugfix on topports_server chisel + Avoid some cases of infinite loop when evaluating filters like proc.aname
* Fixed sysdig-no_return_random.patch https://github.com/draios/sysdig/issues/734
* Wed Jan 25 2017 mpluskalAATTsuse.com- Update to version 0.14.0:
* JSON output is not: an object per event separated by newline, instead of objects inside array as before.
* New filter proc.pcmdline, which represents the full command line (proc.name + proc.args) of the parent of the process generating the event
* Fixes for kernel version 4.9.3
* Improved detection of Mesos containers
* Fix compilation with HAS_CAPTURE disabled on Linux
* Fixes for merged captures support- Add sysdig-no_return_random.patch- Enable building on more platforms
* Sat Dec 24 2016 mpluskalAATTsuse.com- Update to version 0.13.0 (boo#1017181):
* Ability to open concatenated capture files
* evtin.
* fields can be used also for displaying now
* Fix driver for Kernel 4.9
* Fix on IPv4 mapped IPv6 parsing
* Fix memory leak #694
* Fix issue #687 about connecting to an K8s API server via HTTPS
* Tue Nov 15 2016 mpluskalAATTsuse.com- Update to version 0.12.1:
* Compilation issues when using non-bundled OpenSSL #672
* Compilation issues under S390 architecture
* Various issues on k8s parsing
* Stale thread info when parsing processes within containers #665
* Avoid getting cwd from driver, causes issues on Kernel 4.8- Changes for version 0.12.0:
* New filters container.mount.
* to match container mount points
* New filter container.privileged to match containers running in privileged mode
* Support latest kubernetes features: k8s.deployment.
* and k8s.rs.
* filters are now available
* Added glob operator for strings, works as classic shell glob path matcher
* Added pmatch operator
* Add less package on docker image- Drop upstreamed sysdig-do-not-use-private-jq-api.patch- Enable building on s390x
* Sat Aug 20 2016 mpluskalAATTsuse.com- Use current macros for KMP building
* drop sysdig-kmp-preamble- Use exclusivearch instead of excluding architectures
* Fri Jul 15 2016 mpluskalAATTsuse.com- Update to version 0.11.0:
* Support for tracers. A way to add user level events to sysdig stream. Seeannouncement blog post.
* New csysdig views: Traces List, Traces Summary, Traces Spectogram
* New evtin.
* and span.
* filters startswith operand for strings, ex: fd.name startswith /etc
* evt.is_open_{read,write} fields, true or false if an event is an open() in read or write
* Improved performances of Kubernetes metadata parsing.
* Bug fixes for IPv6- Add sysdig-do-not-use-private-jq-api.patch to allow building with system JQ
* Sun Jul 03 2016 mpluskalAATTsuse.com- Update to version 0.10.1:
* Minor bugfixes, mostly related to Kubernetes and Mesos parsing
* Fri Jun 17 2016 mpluskalAATTsuse.com- Update to version 0.10.0:
* setsid event
* proc.sid filter field: the session id of the process generating the event
* proc.sname filter field: the name of the current process session leader
* --force-term-compat command line option: try to configure simple terminal
* settings (xterm-1002) that work better with terminals like putty
* Many minor bugfixes
* builds with gcc6 (boo#985121)- Use pkgconfig() style dependencies- Build with lua-5.1 as builds fail with lua-5.2 and later
* Tue Apr 12 2016 mpluskalAATTsuse.com- Update to 0.9.0
* Mesos and Marathon support: + csysdig views: Mesos Tasks, Mesos Frameworks, Marathon Apps, arathon Groups + -m sysdig/csysdig parameter to specify URLs for Mesos Master Marathon API + -pm sysdig parameter to get a Mesos-friendly event output + Filter fields: mesos.task.name, mesos.task.id, mesos.task.label, mesos.task.labels, mesos.framework.name, mesos.framework.id, marathon.app.name, marathon.app.id, marathon.app.label, marathon.app.labels, marathon.group.name, marathon.group.id
* icontains filter comparison operator: case-insensitive string comparison
* Support for SSL based authentication and bearer token authentication against the Kubernetes API server. Previously, SSL was just supported for CA verification. See the updated documentation for -K
* New actions on csysdig views: lsof and renice
* New network filter fields that support a CIDR notation (e.g. 127.0.0.1/24): fd.net, fd.cnet, fd.snet, fd.lnet, fd.rnet
* Sat Feb 06 2016 mpluskalAATTsuse.com- Update to 0.8.0
* Bug fixes + Better terminal mouse handling for csysdig + Minor bugfixes
* New and updated features + rkt support (when running sysdig in a container, bind mounting the rkt directory is necessary, e.g. -v /var/lib/rkt:/host/var/lib/rkt:ro for Docker) + chroot event + container.type: the container type, e.g. docker or rkt + Prebuild sysdig-probe for Debian kernels
* Tue Jan 26 2016 mpluskalAATTsuse.com- Update to 0.7.1
* Fix sysdig-probe compilation for kernel < 3.4.0
* Fix compilation on OSX- Changes for 0.7.0
* Fix sysdig-probe for kernel 4.4
* Fix a remotely possible deadlock during ioctl calls
* Fix Kubernetes support when data returned from the API server is particularly big
* Minor bugfixes
* Spectrogram views in csysdig: spectro_all (System call latency spectrogram) and spectro_file (File I/O latency spectrogram)
* Ability to authenticate to a Kubernetes API server using a certificate, via -K or --k8s-api-cert=. Can also be specified via the environment variable SYSDIG_K8S_API_CERT
* Ability to sort columns in csysdig views using the keyboard
* --filter-proclist: apply the filter to the process table
* -M: add the possibility to stop collecting after X seconds evt.latency.quantized: 10-base log of the delta between an exit event and the correspondent enter event evt.latency.human: delta between an exit event and the correspondent enter event, as a human readable string (e.g. 10.3ms)
* Sat Dec 19 2015 aspiersAATTsuse.com- Fix .spec file bug which was causing Frankenstein kernel modules: https://github.com/draios/sysdig/issues/496#issuecomment-165929462
* Fri Dec 18 2015 mpluskalAATTsuse.com- Exclude archs on which build fails
* Thu Dec 17 2015 aspiersAATTsuse.com- Fix whitespace issues in .spec and .changes files- Remove duplicate %{_datadir} directory from %files
* Thu Dec 17 2015 mpluskalAATTsuse.com- Update to 0.6.0
* Full support to Kubernetes, even when saving events to a trace file
* semget system event
* access system event
* Automatically build sysdig-probe for boot2docker releases
* Properly filter process table serialization in a trace file when a process filter is used
* Some csysdig actions now ask the user for confirmation
* various bugfixes
* drop GH_496_fix.patch
* Sun Dec 13 2015 mpluskalAATTsuse.com- Update to 0.5.1
* Fix connection to HTTPS Kubernetes API servers
* Properly compile bundled OpenSSL
* Fix sysdig-probe build on Linux 4.3
* Minor bugfixes- Changes for 0.5.0:
* Full Kubernetes support!
* Add a convenient USE_BUNDLED_DEPS CMake option to enable/disable all bundled dependencies at once.
* New build/runtime dependencies: libb64, libcurl, openssl.- Add GH_496_fix.patch- Update dependencies and not use anything bundled
* Wed Nov 04 2015 rpmAATTfthiessen.de- Updated to 0.4.0, notable changes:
* Support ia32 emulation on 64bit kernels
* HTTP chisels now support UNIX sockets (e.g. Docker API)
* New events: mount, umount
* Support Docker containers when running in a different cgroup root layout
* csysdig view actions: press F7 or F8 while inside a csysdig view to see what actions are supported
* Wed Nov 04 2015 rpmAATTfthiessen.de- Updated to 0.2.0, notable changes:
* New version scheme
* Update ncurses so it will compile on GCC 5
* Don\'t use GCC 5 inside the Docker container, because older kernels are still not ready
* Support CPU hotplug
* Fix improper access to socket structure during accept()
* Docker image now includes the RUN label to make it easier to run sysdig on Atomic Linux
* New events: semop, semctl, ppoll
* Port numbers will be automatically converted to service names unless -N is specified
* Wed Aug 12 2015 mpluskalAATTsuse.com- Use proper cmake macros- Remove conditions around fdupes as package does not build for old releases anyway- Enable parallel build
* Tue Aug 11 2015 borisAATTsteki.net- updated from 0.1.99 to 0.1.102- notable changes:
* Support for decoding setns and flock syscall
* Parse O_CLOEXEC flag on open and related syscalls
* Parse CLONE_NEWUSER flag on clone
* Support truncated tracefiles
* Now sysdig can rotate tracing file when capturing, using -C, -e, -W, -G
* Better extraction/filtering capabilities for event related to multiple file descriptors, like poll
* Precompiled kernel modules for older coreos releases
* This release introduces csysdig, the awesome ncurses user interface for sysdig
* Support for intercepting signals via the signaldeliver event: parameters are source pid, destination pid and signal type
* Docker container ships with GCC 4.8 other than the latest from Debian, to increase compatibility
* echo_fds chisel has a better formatting
* Correctly show container output even when renaming containers on Docker >= 1.5
* Sun May 03 2015 joop.boonenAATTopensuse.org- Cleaned and corrected the spec file
* Wed Mar 25 2015 joop.boonenAATTopensuse.org- Cleaned the spec file up- Build version 0.1.99
  
ICM