[27] | 1 |
|
---|
[68] | 2 | from lower to 2.3.x: database scheme has changed slightly
|
---|
| 3 |
|
---|
| 4 | -- MySQL:
|
---|
| 5 | ALTER TABLE samhain.log ADD COLUMN acl_old BLOB;
|
---|
| 6 | ALTER TABLE samhain.log ADD COLUMN acl_new BLOB;
|
---|
| 7 |
|
---|
| 8 | -- PostgreSQL:
|
---|
| 9 | ALTER TABLE samhain.log ADD COLUMN acl_old TEXT;
|
---|
| 10 | ALTER TABLE samhain.log ADD COLUMN acl_new TEXT;
|
---|
| 11 |
|
---|
| 12 | -- Oracle:
|
---|
[73] | 13 | ALTER TABLE samhain.log ADD acl_old VARCHAR2(4000);
|
---|
| 14 | ALTER TABLE samhain.log ADD acl_new VARCHAR2(4000);
|
---|
[68] | 15 | DROP TRIGGER trigger_on_log;
|
---|
| 16 |
|
---|
| 17 |
|
---|
| 18 |
|
---|
[27] | 19 | since 2.2.0: server-to-server relay is possible
|
---|
| 20 |
|
---|
| 21 | -- this implies that problems will arise if your server is misconfigured
|
---|
| 22 | to connect to itself (SetExportSeverity is explicitely set
|
---|
| 23 | to a threshold different from 'none', and the logserver is set to
|
---|
| 24 | localhost). The server may deadlock in this case.
|
---|
| 25 |
|
---|
| 26 |
|
---|
| 27 |
|
---|
[18] | 28 | since 2.1.0: update and daemon mode can be combined
|
---|
[1] | 29 |
|
---|
[18] | 30 | -- this implies that '-t update' will start a daemon process if running as
|
---|
| 31 | daemon is the default specified in the config file. use '--foreground'
|
---|
| 32 | to avoid starting a daemon process
|
---|
| 33 |
|
---|
| 34 |
|
---|
| 35 |
|
---|
[1] | 36 | from 1.7.x to 1.8.x: client/server encryption protocol has been enhanced
|
---|
| 37 |
|
---|
| 38 | -- 1.7.x clients can connect to a 1.8.x server
|
---|
| 39 |
|
---|
| 40 | -- 1.8.x clients can only connect to a 1.7.x server, if they
|
---|
| 41 | are built with --enable-encrypt=1
|
---|
| 42 |
|
---|
| 43 |
|
---|
| 44 |
|
---|
| 45 | from 1.6.x to 1.7.x: things to watch out for
|
---|
| 46 |
|
---|
| 47 | -- the log server drops root privileges after startup; it needs a logfile
|
---|
| 48 | directory with write access for the unprivileged user now
|
---|
| 49 |
|
---|
| 50 | -- the PID file does not double as lock for the log file anymore; the
|
---|
| 51 | log file has its own lock now (same path, with .lock appended)
|
---|
| 52 |
|
---|
| 53 | -- by default, the HTML status page of the server is in the log directory
|
---|
| 54 | now; this allows to make the data directory read-only for the server
|
---|
| 55 |
|
---|