Bug 901533

Summary: reload action is not implemented
Product: Red Hat Enterprise Linux 7 Reporter: Ondrej Moriš <omoris>
Component: auditAssignee: Steve Grubb <sgrubb>
Status: CLOSED CURRENTRELEASE QA Contact: BaseOS QE Security Team <qe-baseos-security>
Severity: medium Docs Contact:
Priority: medium    
Version: 7.0CC: mvadkert
Target Milestone: beta   
Target Release: 7.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: audit-2.3-1 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2014-06-13 10:53:27 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 717785, 901583    
Attachments:
Description Flags
Patch adding reload action none

Description Ondrej Moriš 2013-01-18 12:37:25 UTC 
Description of problem:

Before RHEL7, there was reload action in auditd initscript. It is no longer present in RHEL7. I am aware that a lot changes came with systemd and hence it might be tricky to add missing "resume" and "rotate" actions, but systemd supports "reload" service action. Is it possible to define ExecReload target for reloading in a way it was implemented in RHEL<7 (I see it works by sending a specific signal to auditd deamon)?

Version-Release number of selected component (if applicable):

audit-2.2.1-2.el7.x86_64

How reproducible:

100%

Steps to Reproduce:

1. systemctl reload auditd.service
  
Actual results:

Failed to issue method call: Job type reload is not applicable for unit auditd.service.

Expected results:

Correct reload.
Comment 1 Ondrej Moriš 2013-04-11 13:49:36 UTC 
Hi Steve, I made a trivial patch to fix this issue (attached). As mentioned in the description, systemd supports ExecReload unit file action and according to the documentation [1] classical reload action (from RHEL6 times) can be done by adding:

ExecReload=/bin/kill -HUP $MAINPID

(which is exactly what a patch do)

[1] http://www.freedesktop.org/software/systemd/man/systemd.service.html

On RHEL7 calling service auditd reload with the patch then trigger correct (single) audit event:

type=DAEMON_CONFIG msg=audit(1365673723.982:4896) config changed, auid=0 pid=15422 subj=system_u:system_r:initrc_t:s0-s15:c0.c1023 res=success
Comment 2 Ondrej Moriš 2013-04-11 13:52:12 UTC 
Created attachment 734211 [details]
Patch adding reload action
Comment 3 Steve Grubb 2013-04-13 14:51:05 UTC 
Thanks...but the patch file looks empty. However, I copy and pasted the line in comment #1 to the service file. Fixed in upstream commit 775.
Comment 4 Ondrej Moriš 2013-04-15 09:40:55 UTC 
Thanks Steve. 

[BTW: It is not empty, bugzilla just hides it somehow and one have to click "View" to see it - https://bugzilla.redhat.com/attachment.cgi?id=734211]
Comment 5 Miroslav Vadkerti 2013-07-08 08:10:43 UTC 
Verified as fixed in audit-2.3.1-2.el7

:: [   PASS   ] ::  Service have to implement reload function. (Expected 0, got 0)
Comment 7 Ludek Smid 2014-06-13 10:53:27 UTC 
This request was resolved in Red Hat Enterprise Linux 7.0.

Contact your manager or support representative in case you have further questions about the request.