| Summary: | IMA audit events don't show success correctly | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 6 | Reporter: | Steve Grubb <sgrubb> |
| Component: | kernel | Assignee: | Eric Paris <eparis> |
| Status: | CLOSED ERRATA | QA Contact: | John Brier <jbrier> |
| Severity: | medium | Docs Contact: | |
| Priority: | high | ||
| Version: | 6.2 | CC: | emcnabb, kzhang |
| Target Milestone: | rc | ||
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | kernel-2.6.32-244.el6 | Doc Type: | Bug Fix |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2012-06-20 08:19:50 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
|
Description
Steve Grubb
2012-01-24 16:36:18 UTC
This request was evaluated by Red Hat Product Management for inclusion in a Red Hat Enterprise Linux maintenance release. Product Management has requested further review of this request by Red Hat Engineering, for potential inclusion in a Red Hat Enterprise Linux Update release for currently deployed products. This request is not yet committed for inclusion in an Update release. Patch(es) available on kernel-2.6.32-244.el6 VERIFIED = reproduced = [root@amd-annapurna-01 ~]# uname -r 2.6.32-220.el6.x86_64 [root@amd-annapurna-01 ~]# ausearch --start recent -m INTEGRITY_PCR --success yes | grep --color res=0 | head -n 1 type=INTEGRITY_PCR msg=audit(1331841221.643:1593): pid=1974 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 op="add_template_measure" cause="hash_added" comm="sshd" name="protocols" dev=dm-0 ino=2883623 res=0 = verified = [root@amd-annapurna-01 ~]# uname -r 2.6.32-252.el6.x86_64 [root@amd-annapurna-01 ~]# ausearch --start recent -m INTEGRITY_PCR --success yes | grep res=0 [root@amd-annapurna-01 ~]# Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHSA-2012-0862.html |