Bug 1414812
Summary: | Setting log_format to NOLOG make auditd core dump - free(): invalid pointer | |||
---|---|---|---|---|
Product: | Red Hat Enterprise Linux 7 | Reporter: | Andrea Perotti <aperotti> | |
Component: | audit | Assignee: | Steve Grubb <sgrubb> | |
Status: | CLOSED ERRATA | QA Contact: | Ondrej Moriš <omoris> | |
Severity: | high | Docs Contact: | ||
Priority: | urgent | |||
Version: | 7.3 | CC: | mmatsuya, omoris | |
Target Milestone: | rc | Keywords: | ZStream | |
Target Release: | --- | |||
Hardware: | x86_64 | |||
OS: | Linux | |||
URL: | https://fedorahosted.org/audit/changeset/1421 | |||
Whiteboard: | ||||
Fixed In Version: | Doc Type: | If docs needed, set a value | ||
Doc Text: | Story Points: | --- | ||
Clone Of: | ||||
: | 1415726 (view as bug list) | Environment: | ||
Last Closed: | 2017-08-01 20:53:38 UTC | Type: | Bug | |
Regression: | --- | Mount Type: | --- | |
Documentation: | --- | CRM: | ||
Verified Versions: | Category: | --- | ||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
Cloudforms Team: | --- | Target Upstream Version: | ||
Embargoed: | ||||
Bug Depends On: | ||||
Bug Blocks: | 1415726 |
Description
Andrea Perotti
2017-01-19 14:18:42 UTC
This is probably the issue reported on linux-audit mail list and fixed in upstream commit 1421. The file audit-2.6.7-segfault-fix.patch has been applied to the srpm. Successfully reproduced and verified. OLD (audit-2.6.5-3.el7) ======================= # auditd -n & [1] 2238 [0 root@qeos-114 write-logs]# *** Error in `auditd': free(): invalid pointer: 0x00007f6ad8ff78a0 *** ======= Backtrace: ========= /lib64/libc.so.6(+0x7c503)[0x7f6ad6420503] auditd(+0x9bc0)[0x7f6ad8055bc0] auditd(+0x7067)[0x7f6ad8053067] auditd(+0x6137)[0x7f6ad8052137] /lib64/libc.so.6(__libc_start_main+0xf5)[0x7f6ad63c5b35] auditd(+0x6add)[0x7f6ad8052add] ======= Memory map: ======== NEW (audit-2.7.6-1.el7) ======================= # auditd -n & [1] 2206 See CR##15626918 and CR#15626924 for more details. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHEA-2017:2008 |