Description of problem: from autrace manpage: As a safety precaution, it will not run unless all rules are deleted with auditctl prior to use. Version-Release number of selected component (if applicable): audit 2.5.1 1fc23 Fedora 23 Server Edition How reproducible: always Steps to Reproduce: [as root] 1.auditctl -w /etc/shadow 2. auditctl -l -w /etc/shadow -p rwxa 3. autrace /bin/ls /tmp Actual results:i Waiting to execute: /bin/ls Cleaning up... Trace complete. You can locate the records with 'ausearch -i -p 31229' auditctl -l No rules Expected results: root@host:~# autrace /bin/ls /tmp autrace cannot be run with rules loaded. Please delete all rules using ‘auditctl -D’ if you really wanted to run this command. http://linux-audit.com/configuring-and-auditing-linux-systems-with-audit-daemon/
Hi, Autrace is supposed to run only when the rule count is 0. https://fedorahosted.org/audit/browser/trunk/src/autrace.c#L190 Looking through the code, the only way that I can see this happening is if no rules get listed and the koop times out. It works fine on my system. Is there any chance you can put a few printfs in the count_em() function to see what is going wrong? In the mean time, I'll update the code so that a loop timeout cannot return 0.
Loop timeout fixup is svn commit 1258.
audit-2.6-3.fc23 has been submitted as an update to Fedora 23. https://bodhi.fedoraproject.org/updates/FEDORA-2016-4f6589e252
audit-2.6-3.fc24 has been submitted as an update to Fedora 24. https://bodhi.fedoraproject.org/updates/FEDORA-2016-122f332493
audit-2.6-3.fc24 has been pushed to the Fedora 24 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2016-122f332493
audit-2.6-3.fc23 has been pushed to the Fedora 23 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2016-4f6589e252
audit-2.6-3.fc24 has been pushed to the Fedora 24 stable repository. If problems still persist, please make note of it in this bug report.
audit-2.6.1-1.fc23 has been submitted as an update to Fedora 23. https://bodhi.fedoraproject.org/updates/FEDORA-2016-20e8af4a21
audit-2.6.1-1.fc23 has been pushed to the Fedora 23 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2016-20e8af4a21
audit-2.6.2-1.fc23 has been submitted as an update to Fedora 23. https://bodhi.fedoraproject.org/updates/FEDORA-2016-bf659f2cf3
audit-2.6.2-1.fc24 has been submitted as an update to Fedora 24. https://bodhi.fedoraproject.org/updates/FEDORA-2016-afa82d90dd
audit-2.6.2-1.fc24 has been pushed to the Fedora 24 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2016-afa82d90dd
audit-2.6.2-1.fc23 has been pushed to the Fedora 23 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2016-bf659f2cf3
audit-2.6.2-1.fc24 has been pushed to the Fedora 24 stable repository. If problems still persist, please make note of it in this bug report.