Bug 492166
Summary: | Problem with filtering based on auid | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 4 | Reporter: | Michal Marciniszyn <mmarcini> |
Component: | audit | Assignee: | Steve Grubb <sgrubb> |
Status: | CLOSED WONTFIX | QA Contact: | BaseOS QE <qe-baseos-auto> |
Severity: | urgent | Docs Contact: | |
Priority: | urgent | ||
Version: | 4.7 | CC: | ebenes, jwest, sgrubb, tvujec |
Target Milestone: | rc | Keywords: | ZStream |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2012-06-20 16:15:54 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | |||
Bug Blocks: | 557032 |
Description
Michal Marciniszyn
2009-03-25 17:38:00 UTC
we are looking at it, but for now, we know you can use auid=-1 to get what you want. The source of the problem is in libaudit.c: @@ -641,7 +641,7 @@ int audit_rule_fieldpair(struct audit_ru vlen = strlen(v); if (isdigit((char)*(v))) rule->values[rule->field_count] = - strtol(v, NULL, 0); + strtoul(v, NULL, 0); else if (vlen >= 2 && *(v)=='-' && (isdigit((char)*(v+1)))) rule->values[rule->field_count] = Need to build a new audit package. Btw, this same patch is needed in RHEL5 and rawhide. Since RHEL 4.8 External Beta has begun, and this bugzilla remains unresolved, it has been rejected as it is not proposed as exception or blocker. Thank you for submitting this issue for consideration in Red Hat Enterprise Linux. The release for which you requested us to review is now End of Life. Please See https://access.redhat.com/support/policy/updates/errata/ If you would like Red Hat to re-consider your feature request for an active release, please re-open the request via appropriate support channels and provide additional supporting details about the importance of this issue. |