Bug 123364 - netlink_unicast returns addr of struct instead of error code.
Summary: netlink_unicast returns addr of struct instead of error code.
Alias: None
Product: Fedora
Classification: Fedora
Component: kernel   
(Show other bugs)
Version: rawhide
Hardware: All
OS: Linux
Target Milestone: ---
Assignee: Peter Martuccelli
QA Contact: Brian Brock
Depends On:
TreeView+ depends on / blocked
Reported: 2004-05-17 17:53 UTC by Peter Martuccelli
Modified: 2007-11-30 22:10 UTC (History)
0 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2004-07-09 21:10:35 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

Description Peter Martuccelli 2004-05-17 17:53:49 UTC
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.4.2)

Description of problem:
Problem manifested itself when testing audit code.  Transitioning from
default /var/log/message logging to auditd logging worked properly. 
When the auditd daemon was termintaed, or suspended, /var/log/message
should have been used to continue logging the audit records.  The
transition from auditd logging to /var/log/message logging never
occurred due to a typo in the af_netlink.c - netlink_unicast()
function returning the value of the socket buffer, not the proper
error code.  The audit code never received the proper error indication
so audit logging ceased untill the auditd daemon was restarted, or the
system was rebooted.

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1.enable logging via auditctl
2.add an audit rule via audtictl
3.audit records go to /var/log/message
4.start auditd, records now go to auditd daemon
5.stop auditd
6.no additional audit records are recorded in /var/log/message

Actual Results:  as described

Expected Results:  audit records should go to /var/og/messages if no
auditd daemon is active.

Additional info:

Note You need to log in before you can comment on or make changes to this bug.