Bug 159218 - dbus updates for new audit system
Summary: dbus updates for new audit system
Alias: None
Product: Red Hat Enterprise Linux 4
Classification: Red Hat
Component: dbus
Version: 4.0
Hardware: All
OS: Linux
Target Milestone: ---
: ---
Assignee: John (J5) Palmieri
QA Contact:
Depends On:
Blocks: 113381 156322 192822
TreeView+ depends on / blocked
Reported: 2005-05-31 17:40 UTC by Steve Grubb
Modified: 2013-03-13 04:48 UTC (History)
1 user (show)

Fixed In Version: RHEA-2005-515
Doc Type: Enhancement
Doc Text:
Clone Of:
Last Closed: 2005-10-05 14:32:19 UTC
Target Upstream Version:

Attachments (Terms of Use)
patch to add audit enhancements (2.80 KB, patch)
2005-05-31 19:22 UTC, Steve Grubb
no flags Details | Diff
Script for testing AVC messages (1.46 KB, text/plain)
2005-08-02 19:50 UTC, John (J5) Palmieri
no flags Details

System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHEA-2005:515 0 qe-ready SHIPPED_LIVE dbus enhancement update 2005-10-05 04:00:00 UTC

Description Steve Grubb 2005-05-31 17:40:37 UTC
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.8) Gecko/20050513 Fedora/1.0.4-1.3.1 Firefox/1.0.4

Description of problem:
dbus needs an update for the new audit system. I will attach a patch that provides the needed functionality.

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1. New functionality

Additional info:

Comment 1 Steve Grubb 2005-05-31 17:41:38 UTC
It should be noted that the patch that will be provided is to steer SE LInux avc
denila messages into the audit system.

Comment 2 Steve Grubb 2005-05-31 19:22:11 UTC
Created attachment 115008 [details]
patch to add audit enhancements

This patch is similar to the one put into FC4. It uses the new interface for
user space AVC denial reporting, though. It has a dependency on
audit-libs-devel >= 0.9. This patch is safe to push into FC4 should the
opportunity arise. 

Also, please put this into rawhide for FC5. Thanks.

Comment 5 John (J5) Palmieri 2005-06-09 19:20:29 UTC
I have this built in rawhide but it is not building in the RHEL-4 tree.  I am
getting this error:

if gcc -DHAVE_CONFIG_H -I. -I. -I.. -I..  -DDAEMON_NAME=\"dbus-daemon-1\" 
-DDBUS_COMPILATION -DDBUS_SYSTEM_CONFIG_FILE=\""/etc/dbus-1/system.conf"\"
-fexceptions -m32 -march=i386 -mtune=pentium4 -fasynchronous-unwind-tables -Wall
-Wchar-subscripts -Wmissing-declarations -Wmissing-prototypes -Wnested-externs
-Wpointer-arith -Wcast-align -Wsign-compare -MT selinux.o -MD -MP -MF
".deps/selinux.Tpo" -c -o selinux.o selinux.c; \
then mv -f ".deps/selinux.Tpo" ".deps/selinux.Po"; else rm -f
".deps/selinux.Tpo"; exit 1; fi
In file included from selinux.c:41:
/usr/include/libaudit.h:101: error: redefinition of âstruct audit_messageâ
selinux.c: In function âbus_selinux_pre_initâ:
selinux.c:232: warning: unused variable âbus_contextâ
selinux.c: In function âbus_selinux_full_initâ:
selinux.c:260: warning: unused variable ârâ
make: *** [selinux.o] Error 1

The line -
/usr/include/libaudit.h:101: error: redefinition of âstruct audit_messageâ
says there is a redefinition but doesn't tell me where it is being redefined from. 

I have the updated spec and patch checked into CVS.  Steve, can you take a look?


Comment 6 Steve Grubb 2005-06-09 19:31:46 UTC
I think the error is related to some stuff that was moved into
glibc-kernheaders. I didn't know that glibc-kernheaders was updated in the RHEL4
build area yet. If it is, I'll upgrade the audit package and then we're set.

Comment 7 John (J5) Palmieri 2005-06-09 19:38:23 UTC
I was building on my local machine.  Let me try a build in beehive.  The rawhide
tree built fine on my local machine.

Comment 8 John (J5) Palmieri 2005-06-09 20:00:23 UTC
My fault.  I assumed it would build fine localy since the same patch built in
the rawhide tree.  Builds fine in beehive.  Writting up errata.

Comment 14 John (J5) Palmieri 2005-08-02 19:48:44 UTC
new package built.  Attaching test script.

Comment 15 John (J5) Palmieri 2005-08-02 19:50:00 UTC
Created attachment 117371 [details]
Script for testing AVC messages

Comment 20 Red Hat Bugzilla 2005-10-05 14:32:19 UTC
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.


Note You need to log in before you can comment on or make changes to this bug.