Bug 192822

Summary: dbus updates for new audit system (take 2)
Product: Red Hat Enterprise Linux 4 Reporter: Bastien Nocera <bnocera>
Component: dbusAssignee: John (J5) Palmieri <johnp>
Status: CLOSED DUPLICATE QA Contact:
Severity: medium Docs Contact:
Priority: high    
Version: 4.0CC: jkeck, tao
Target Milestone: ---Keywords: FutureFeature
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2006-08-31 22:01:53 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 159218    
Bug Blocks: 176344    

Description Bastien Nocera 2006-05-23 13:30:40 UTC 
+++ This bug was initially created as a clone of Bug #159218 +++

-- Additional comment from johnp on 2005-08-02 15:50 EST --
Created an attachment (id=117371)
Script for testing AVC messages


-- Additional comment from lockhart on 2005-09-16 15:19 EST --
With the test script, messages appear in /var/log/messages (not
/var/log/audit/audit.log), and are like so:

Sep 16 12:26:13 butterbeer dbus: Can't send to audit system: USER_AVC pid=2762
uid=81 loginuid=-1 message=avc:  denied  { send_msg } for
scontext=root:system_r:initrc_t tcontext=root:system_r:unconfined_t tclass=dbus


-- Additional comment from sgrubb on 2005-09-16 15:23 EST --
OK. The process must be root to write to audit socket. The code is demonstrating
the correct behavior for non-root processes. I am satisfied with the current
state for U2. We can take another run at this in U3.
Comment 1 Daniel Riek 2006-08-25 03:10:51 UTC 
The component of this request is planned to be updated in Red Hat enterprise
Linux 4.5.

This enhancement request was evaluated by Red Hat Product Management for
inclusion in a Red Hat Enterprise Linux maintenance release.

Product Management has requested further review of this enhancement by Red Hat
Engineering, for potential inclusion in a Red Hat Enterprise Linux Update
release for currently deployed products.

This enhancement is not yet committed for inclusion in an Update release.
Comment 2 John (J5) Palmieri 2006-08-31 22:01:53 UTC 
Same bug.

*** This bug has been marked as a duplicate of 178037 ***