Bug 123364 - netlink_unicast returns addr of struct instead of error code.
netlink_unicast returns addr of struct instead of error code.
Product: Fedora
Classification: Fedora
Component: kernel (Show other bugs)
All Linux
medium Severity medium
: ---
: ---
Assigned To: Peter Martuccelli
Brian Brock
Depends On:
  Show dependency treegraph
Reported: 2004-05-17 13:53 EDT by Peter Martuccelli
Modified: 2007-11-30 17:10 EST (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2004-07-09 17:10:35 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Peter Martuccelli 2004-05-17 13:53:49 EDT
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.4.2)

Description of problem:
Problem manifested itself when testing audit code.  Transitioning from
default /var/log/message logging to auditd logging worked properly. 
When the auditd daemon was termintaed, or suspended, /var/log/message
should have been used to continue logging the audit records.  The
transition from auditd logging to /var/log/message logging never
occurred due to a typo in the af_netlink.c - netlink_unicast()
function returning the value of the socket buffer, not the proper
error code.  The audit code never received the proper error indication
so audit logging ceased untill the auditd daemon was restarted, or the
system was rebooted.

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1.enable logging via auditctl
2.add an audit rule via audtictl
3.audit records go to /var/log/message
4.start auditd, records now go to auditd daemon
5.stop auditd
6.no additional audit records are recorded in /var/log/message

Actual Results:  as described

Expected Results:  audit records should go to /var/og/messages if no
auditd daemon is active.

Additional info:

Note You need to log in before you can comment on or make changes to this bug.