Bug 1670997

Summary: Amend the user lifecycle auditing
Product: Red Hat Enterprise Linux 8 Reporter: Jakub Hrozek <jhrozek>
Component: libuserAssignee: Jakub Hrozek <jhrozek>
Status: CLOSED ERRATA QA Contact: Filip Dvorak <fdvorak>
Severity: medium Docs Contact:
Priority: medium    
Version: 8.0CC: dpal, pkis, sgrubb
Target Milestone: rcFlags: jhrozek: mirror+
Target Release: 8.1   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: libuser-0.62-23.el8 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2019-11-05 22:35:12 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1682287    
Bug Blocks:    
Attachments:
Description Flags
Patch to log group password change none

Description Jakub Hrozek 2019-01-30 13:44:15 UTC 
Description of problem:
RHEL-8.0 added audit support for libuser, but according to https://bugzilla.redhat.com/show_bug.cgi?id=1558151#c16 the support is incomplete.

This bug tracks adding whatever was missed from the initial implementation.

Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info:
Comment 3 Steve Grubb 2019-04-14 12:40:57 UTC 
Created attachment 1555040 [details]
Patch to log group password change

This patch should fix the issue. Should look something like:

type=GRP_CHAUTHTOK msg=audit(04/14/2019 08:36:59.602:2440) : pid=5821 uid=root auid=sgrubb ses=3 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=changing-group-passwd acct=testgroup2 exe=/home/sgrubb/working/BUILD/libuser-0.62/apps/.libs/lt-lgroupmod hostname=localhost addr=? terminal=pts/2 res=success'
Comment 8 Jakub Hrozek 2019-06-05 20:19:51 UTC 
* master: c6a4e9f596c976f71894269e3168567e6118236c
Comment 16 errata-xmlrpc 2019-11-05 22:35:12 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2019:3653