Bug 159215
| Summary: | shadow-utils updates for new audit system | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Product: | Red Hat Enterprise Linux 4 | Reporter: | Steve Grubb <sgrubb> | ||||||||||
| Component: | shadow-utils | Assignee: | Peter Vrabec <pvrabec> | ||||||||||
| Status: | CLOSED ERRATA | QA Contact: | David Lawrence <dkl> | ||||||||||
| Severity: | medium | Docs Contact: | |||||||||||
| Priority: | high | ||||||||||||
| Version: | 4.0 | Keywords: | FutureFeature | ||||||||||
| Target Milestone: | --- | ||||||||||||
| Target Release: | --- | ||||||||||||
| Hardware: | All | ||||||||||||
| OS: | Linux | ||||||||||||
| Whiteboard: | |||||||||||||
| Fixed In Version: | RHBA-2005-309 | Doc Type: | Enhancement | ||||||||||
| Doc Text: | Story Points: | --- | |||||||||||
| Clone Of: | Environment: | ||||||||||||
| Last Closed: | 2005-10-05 12:42:43 UTC | Type: | --- | ||||||||||
| Regression: | --- | Mount Type: | --- | ||||||||||
| Documentation: | --- | CRM: | |||||||||||
| Verified Versions: | Category: | --- | |||||||||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||||||||
| Embargoed: | |||||||||||||
| Bug Depends On: | |||||||||||||
| Bug Blocks: | 113381, 156322 | ||||||||||||
| Attachments: |
|
||||||||||||
|
Description
Steve Grubb
2005-05-31 17:19:13 UTC
Created attachment 115781 [details]
patch to add audit enhancements
This patch provides the needed updates to log important events into the audit
system. This is needed for IBM's eal/CAPP certification. If you could please
review this patch and build at the first opportunity, that would be
appreciated. IBM needs all rpms that are part of the certification this week.
Thanks!
You will need to add BuildRequires: audit-libs-devel >= 0.9.8 Created attachment 116433 [details]
patch to add audit enhancements
IBM found some problems in the previous patch. A new one is attached that
better identifies the account or group being modified. Please apply it. Thanks.
New patch was applied. /mnt/redhat/dist/4E-qu-candidate/shadow-utils/4.0.3-45.RHEL4 Created attachment 116808 [details]
patch to add audit enhancements
IBM found a couple more records that needed fixing. This patch corrects those
problems. We need to build another candidate release. Thanks.
/mnt/redhat/dist/4E-qu-candidate/shadow-utils/4.0.3-47.RHEL4 HP's testing shows another problem. chage records changes when done from the command line, but not via the interactive session. I will correct the latest patch and attach. Created attachment 117245 [details]
patch to add audit enhancements
This patch adds logging for chage when it goes into interactive mode.
/mnt/redhat/dist/4E-qu-candidate/shadow-utils/4.0.3-50.RHEL4 The CAPP requirements is to log any change to an account attribute. The necessary information is: who did it (loginuid), the acct affected, the operation being performed, and the results. The progams affected are: chage, gpasswd, groupadd, groupdel, groupmod, useradd, userdel, & usermod. There is one change that should be made for FC4 & rawhide. The audit_help_open
function should detect some other errno's in case it is running on a custome
kernel. It should be:
+void audit_help_open(void)
+{
+#ifdef WITH_AUDIT
+ audit_fd = audit_open();
+ if (audit_fd < 0) {
+ /* You get these only when the kernel doesn't have
+ * audit compiled in. */
+ if (errno == EINVAL || errno == EPROTONOSUPPORT ||
+ errno == EAFNOSUPPORT)
+ return;
+ fprintf(stderr, "Cannot open audit interface - aborting.\n");
+ exit(1);
+ }
+#endif
+}
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHBA-2005-309.html |