Skip to main content

February 2024 Linux Agent Release

v6.12.2 Release Notes

This release fixes the following issues that can occur when you enable active package detection for agent v6.12:

  • Files are kept open on Linux kernel versions earlier than 3.14.
  • Excessive use of disk space or file descriptors on Linux kernel versions earlier than 3.12

v6.12 Release Notes

  • Support for detecting active and inactive Rust packages on hosts and containers - The Lacework platform can now detect active and inactive Rust packages on hosts and containers if you do the following:

    This enables you to know whether a vulnerable Rust package is being used by an application and prioritize fixing active vulnerable packages first. Use the Package status filter in the Host Vulnerabilities page and Container Vulnerabilities page to see active or inactive vulnerable Rust packages on hosts and containers. See Host Vulnerability - Package Status for details.

  • Support for retrieving tags from AWS EC2 instances using IMDS - Starting in this release you can configure Instance Metadata Service (IMDS) on AWS EC2 instances to enable the agent to retrieve tags from EC2 instances. For more information, see Configure the Instance Metadata Options.

    Agents will first use IMDSv2 to retrieve the information. If it fails, agents use IMDSv1 to retrieve the information. If it fails again, and if you have configured the DescribeTags IAM permission on EC2 instances, agents use the IAM permission to retrieve the information.

  • Support for Podman’s Docker compatibility layer - The agent now supports Podman’s Docker compatibility layer. To use the agent with Podman’s Docker compatibility layer:

    1. Use the following command to run Podman in rootful mode to enable the Docker compatibility layer. For more information, see podman system service.

      sudo systemctl enable --now podman.socket 
    2. Set the following in the config.json file:

      "ContainerRunTime": "docker"
      "ContainerEngineEndpoint": "unix:///run/podman/podman.sock"