Linux Agent Release Notes

4 min. readlast update: 09.25.2024

Linux Agent 

Officially Supported Versions

  • Ubuntu Server 22.04.4 LTS (Jammy Jellyfish)
  • Red Hat Enterprise Linux 9.4 (Plow) (May work on Rocky Linux 9.4 as well)

Known Limitations

  • Files downloaded from the ThreatLocker portal will need to be renamed before installing
    • File names as downloaded from the portal:

      • Ubuntu - ThreatLocker-xxxxxxxxxxxxxxxxxxxx.deb

      • RHEL - ThreatLocker-xxxxxxxxxxxxxxxxxxxxxx.rpm

    •  File names need to be changed to:
      • Ubuntu - 1.1.0-297_ubuntu_22_4.x86_64_xxxxxxxxxxxxxxxxxxxxx_c.deb
      • RHEL - 1.1.0-297_rhel_9.x86_64_xxxxxxxxxxxxxxxxxxxxxxxx_c.rpm
    • Command to rename the file:
      • cp /path/to/file /path/to/renamed-file
  • ThreatLocker Linux Agent is headless (no tray)
  • Override Codes are not currently supported
  • Storage Control is not currently supported
  • Network Control is not currently supported
  • ThreatLocker Detect is not currently supported
  • Configuration Manager is not currently supported
  • Linux core is currently being refined
  • Built-ins are currently being refined
  • Elevation has not been fully implemented

Linux Agent Version 1.2:  Beta 09/25/24

New Features

  • Added support for Policy statuses
  • Added the ability to use Installation mode
  • Added visibility of the Created By Process on Execute logs, and support to use the Created By Process in custom rules
  • Added the ability to trigger a baseline scan from the portal
  • Added logic to pull down Policies and Application definitions before the baseline scan begins

Bug Fixes

  • Resolved an issue in which Applications were not learned until after the baseline was scanned

 

Linux Agent Version 1.1: Open Beta 09/09/24

New Features

  • Added Linux support for Heatbeat Check in and Full Check in

Bug Fixes

  • Resolved an issue in which storage device serial numbers were not displaying correctly in the Unified Audit from a Linux machine
  • Resolved an issue in which the Process Path in the Unified Audit was not reflecting the exact path of a file executed on Linux

Linux Agent Version 1.0.5.272 

Officially Supported Versions

  • Ubuntu Server 22.04.4 LTS (Jammy Jellyfish) 
  • Red Hat Enterprise Linux 9.4 (Plow) (May work on Rocky Linux 9.4 as well)

 

Known Limitations

  • ThreatLocker Linux Agent is headless (no tray)
  • Override Codes are not currently supported
  • Storage Control is not currently supported
  • Network Control is not currently supported
  • ThreatLocker Detect is not currently supported
  • Configuration Manager is not currently supported
  • Linux core is currently being refined
  • Built-ins are currently being refined
  • Elevation has not been fully implemented

New Features

  • Install and uninstall instructions found here: https://threatlocker.kb.help/installing-and-uninstalling-the-threatlocker-linux-agent/
  • Added the ability to specify an API URL into the installer file
  • Added the ability to block and unblock files
  • Added Tamper Protection 
  • Added support for Ubuntu Server 22.04.4 LTS (Jammy Jellyfish) and Red Hat Enterprise Linux 9.4 (Plow)
  • Added the ability to request an application/file
  • Added support for enabling/disabling products

Bugs and Fixes

  • Resolved an issue in which user permission was denied on newly created Permit policies
  • Resolved an issue in which the agent was ignoring Application Definition updates
  • Resolved an issue in which installation failed due to lack of synchronization
  • Resolved an issue in which the Linux agent was terminated on reboot if the machine lost internet access
  • Resolved an issue in which actions that were performed with the same file by different users were only logging for the first user
  • Resolved an issue in which multiple policies referring to the same binary were leading to a permanent binary lock
  • Resolved an issue in which unexpected policies were generated for some applications
  • Resolved an issue in which Sudo was not being impacted by Default - Deny
  • Resolved an issue in which the Policy Name and Policy ID were not being displayed in the Unified Audit
Was this article helpful?