Bug 136657 (laus/audit) - CROND messages LAuS error when audit daemon not running
Summary: CROND messages LAuS error when audit daemon not running
Keywords:
Status: CLOSED DUPLICATE of bug 131860
Alias: laus/audit
Product: Red Hat Enterprise Linux 3
Classification: Red Hat
Component: audit
Version: 3.0
Hardware: i386
OS: Linux
medium
high
Target Milestone: ---
Assignee: Charlie Bennett
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2004-10-21 14:42 UTC by Marian ZUREK
Modified: 2007-11-30 22:07 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2006-02-21 19:06:32 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)

Description Marian ZUREK 2004-10-21 14:42:08 UTC 
Description of problem:


Version-Release number of selected component (if applicable):


How reproducible:
just present

Steps to Reproduce:
1.
2.
3.
  
Actual results:
entriles in the log files saying:

Oct 20 00:01:00 lxb1428 CROND[25039]: LAuS error - do_command.c:226 -
laus_attach: (19) laus_attach: No such device Oct 20 00:25:00 lxb1428
CROND[25041]: LAuS error - do_command.c:226 - laus_attach: (19)
laus_attach: No such device Oct 20 00:30:00 lxb1428 CROND[25058]: LAuS
error - do_command.c:226 - laus_attach: (19) laus_attach: No such
device Oct 20 00:40:00 lxb1428 CROND[26731]: LAuS error -
do_command.c:226 - laus_attach: (19) laus_attach: No such device Oct
20 01:01:00 lxb1428 CROND[20140]: LAuS error - do_command.c:226 -
laus_attach: (19) laus_attach: No such device Oct 20 02:01:00 lxb1428
CROND[4187]: LAuS error - do_command.c:226 - laus_attach: (19)
laus_attach: No such device Oct 20 03:01:00 lxb1428 CROND[4191]: LAuS
error - do_command.c:226 - laus_attach: (19) laus_attach: No such
device Oct 20 03:30:00 lxb1428 CROND[4194]: LAuS error -
do_command.c:226 - laus_attach: (19) laus_attach: No such device
ORPHAN (no passwd entry) Oct 20 04:01:00 lxb1428 CROND[4259]: LAuS
error - do_command.c:226 - laus_attach: (19) laus_attach: No such
device Oct 20 04:02:00 lxb1428 CROND[4261]: LAuS error -
do_command.c:226 - laus_attach: (19) laus_attach: No such device Oct
20 05:00:00 lxb1428 CROND[28166]: LAuS error - do_command.c:226 -
laus_attach: (19) laus_attach: No such device Oct 20 05:01:00 lxb1428
CROND[28446]: LAuS error - do_command.c:226 - laus_attach: (19)
laus_attach: No such device Oct 20 06:01:00 lxb1428 CROND[10941]: LAuS
error - do_command.c:226 - laus_attach: (19) laus_a

Expected results:


Additional info:
Comment 2 Pancrazio `ezio' de Mauro 2004-10-25 10:08:56 UTC 
Quoting from bug 131860:

The underlying issue is that the user space tools assume that if they
can open the audit device then auditing is enabled.  There is no
provision for asking the audit device if there is an audit daemon
registered.  Given this state of affairs, the best option is to make
it impossible to open the audit device if auditing is to be disabled.

Assuming you want to run without auditd, try this:
add this line to /etc/modules.conf:

alias char-major-10-224 off

then shut down crond and atd and make sure the auditd is not running
and will not run.

This should drop the use count on the audit kernel module to 0 so that
your can rmmod the module.

Once you have you can restarted crond and atd and they should henceforth
run without those messages in the cron and at logs.
Comment 3 Pancrazio `ezio' de Mauro 2004-10-25 10:11:20 UTC 

*** This bug has been marked as a duplicate of 131860 ***
Comment 5 Red Hat Bugzilla 2006-02-21 19:06:32 UTC 
Changed to 'CLOSED' state since 'RESOLVED' has been deprecated.
Note You need to log in before you can comment on or make changes to this bug.