Bug 156325 - auditctl output ends with a spurious 'No rules' message
Summary: auditctl output ends with a spurious 'No rules' message
Keywords:
Status: CLOSED RAWHIDE
Alias: None
Product: Fedora
Classification: Fedora
Component: audit
Version: rawhide
Hardware: All
OS: Linux
medium
low
Target Milestone: ---
Assignee: Steve Grubb
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2005-04-28 22:05 UTC by Ziga Mahkovec
Modified: 2007-11-30 22:11 UTC (History)
0 users

Fixed In Version: 0.7.3-2
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2005-05-06 14:26:41 UTC
Type: ---
Embargoed:

Attachments (Terms of Use)

Description Ziga Mahkovec 2005-04-28 22:05:09 UTC 
Description of problem:
When an audit rule without a field is added, auditctl will append a "No rules"
message to the list.

Version-Release number of selected component (if applicable):
audit-0.7.1-1

How reproducible:
always

Steps to Reproduce:

# auditctl -D
No rules

# auditctl -a exit,always -S open
AUDIT_LIST: exit always syscall=open
No rules

# auditctl -l
AUDIT_LIST: exit always syscall=open
No rules

# auditctl -a exit,always -S open -F success=0
AUDIT_LIST: exit always syscall=open
AUDIT_LIST: exit always success=0 syscall=open

# auditctl -l
AUDIT_LIST: exit always syscall=open
AUDIT_LIST: exit always success=0 syscall=open

  
Actual results:
The first list command's result ends with a "No rules" message.

Expected results:
Only the rule should be listed, as is the case when the second rule is added.
Comment 1 Steve Grubb 2005-04-28 22:33:07 UTC 
Thanks for the report. I see the same problem. I'll try to get a new package out
soon.
Comment 2 Ziga Mahkovec 2005-05-06 13:59:21 UTC 
No longer seeing this with audit-0.7.3-2.
Comment 3 Steve Grubb 2005-05-06 14:26:41 UTC 
Good. I made some changes to the netlink communication protocol to try and
resolve it. I will consider this fixed. Thanks for the feedback.
Note You need to log in before you can comment on or make changes to this bug.