Login
[x]
Log in using an account from:
Fedora Account System
Red Hat Associate
Red Hat Customer
Or login using a Red Hat Bugzilla account
Forgot Password
Login:
Hide Forgot
Create an Account
Red Hat Bugzilla – Attachment 705758 Details for
Bug 905179
audit rules with -F "auid!=4294967295" return EINVAL
[?]
New
Simple Search
Advanced Search
My Links
Browse
Requests
Reports
Current State
Search
Tabular reports
Graphical reports
Duplicates
Other Reports
User Changes
Plotly Reports
Bug Status
Bug Severity
Non-Defaults
|
Product Dashboard
Help
Page Help!
Bug Writing Guidelines
What's new
Browser Support Policy
5.0.4.rh83 Release notes
FAQ
Guides index
User guide
Web Services
Contact
Legal
This site requires JavaScript to be enabled to function correctly, please enable it.
[patch]
audit: omit check for uid and gid validity in audit rules and data
0001-BZ905179-audit-omit-check-for-uid-and-gid-validity-i.patch (text/plain), 2.38 KB, created by
Richard Guy Briggs
on 2013-03-06 02:36:40 UTC
(
hide
)
Description:
audit: omit check for uid and gid validity in audit rules and data
Filename:
MIME Type:
Creator:
Richard Guy Briggs
Created:
2013-03-06 02:36:40 UTC
Size:
2.38 KB
patch
obsolete
>From 24040e6adf98b48cfeec6554f98c3322029630a3 Mon Sep 17 00:00:00 2001 >From: Richard Guy Briggs <rgb@redhat.com> >Date: Tue, 5 Mar 2013 19:51:32 -0500 >Subject: [PATCH] [BZ905179] audit: omit check for uid and gid validity in audit rules and data >To: rgb@redhat.com > >audit rule additions containing "-F auid!=4294967295" were failing with EINVAL. > >UID_INVALID (and GID_INVALID) is actually a valid uid (gid) for setting and >testing against audit rules. Remove the check for invalid uid and gid when >parsing rules and data for logging. > >Revert part of ca57ec0f00c3f139c41bf6b0a5b9bcc95bbb2ad7 (2012-09-11) to fix >this. > >Signed-off-by: Richard Guy Briggs <rgb@redhat.com> >--- > kernel/auditfilter.c | 12 ------------ > 1 files changed, 0 insertions(+), 12 deletions(-) > >diff --git a/kernel/auditfilter.c b/kernel/auditfilter.c >index f9fc54b..457ee39 100644 >--- a/kernel/auditfilter.c >+++ b/kernel/auditfilter.c >@@ -360,10 +360,7 @@ static struct audit_entry *audit_rule_to_entry(struct audit_rule *rule) > /* bit ops not implemented for uid comparisons */ > if (f->op == Audit_bitmask || f->op == Audit_bittest) > goto exit_free; >- > f->uid = make_kuid(current_user_ns(), f->val); >- if (!uid_valid(f->uid)) >- goto exit_free; > break; > case AUDIT_GID: > case AUDIT_EGID: >@@ -372,10 +369,7 @@ static struct audit_entry *audit_rule_to_entry(struct audit_rule *rule) > /* bit ops not implemented for gid comparisons */ > if (f->op == Audit_bitmask || f->op == Audit_bittest) > goto exit_free; >- > f->gid = make_kgid(current_user_ns(), f->val); >- if (!gid_valid(f->gid)) >- goto exit_free; > break; > case AUDIT_PID: > case AUDIT_PERS: >@@ -469,10 +463,7 @@ static struct audit_entry *audit_data_to_entry(struct audit_rule_data *data, > /* bit ops not implemented for uid comparisons */ > if (f->op == Audit_bitmask || f->op == Audit_bittest) > goto exit_free; >- > f->uid = make_kuid(current_user_ns(), f->val); >- if (!uid_valid(f->uid)) >- goto exit_free; > break; > case AUDIT_GID: > case AUDIT_EGID: >@@ -482,10 +473,7 @@ static struct audit_entry *audit_data_to_entry(struct audit_rule_data *data, > /* bit ops not implemented for gid comparisons */ > if (f->op == Audit_bitmask || f->op == Audit_bittest) > goto exit_free; >- > f->gid = make_kgid(current_user_ns(), f->val); >- if (!gid_valid(f->gid)) >- goto exit_free; > break; > case AUDIT_PID: > case AUDIT_PERS: >-- >1.7.1 >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=705758">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Flags:
rbriggs
: review+
Actions:
View
|
Diff
Attachments on
bug 905179
: 705758