Bug 159218 - dbus updates for new audit system
Summary: dbus updates for new audit system
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 4
Classification: Red Hat
Component: dbus
Version: 4.0
Hardware: All
OS: Linux
high
medium
Target Milestone: ---
: ---
Assignee: John (J5) Palmieri
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks: 113381 156322 192822
TreeView+ depends on / blocked
 
Reported: 2005-05-31 17:40 UTC by Steve Grubb
Modified: 2013-03-13 04:48 UTC (History)
1 user (show)

Fixed In Version: RHEA-2005-515
Doc Type: Enhancement
Doc Text:
Clone Of:
Environment:
Last Closed: 2005-10-05 14:32:19 UTC
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)
patch to add audit enhancements (2.80 KB, patch)
2005-05-31 19:22 UTC, Steve Grubb
no flags Details | Diff
Script for testing AVC messages (1.46 KB, text/plain)
2005-08-02 19:50 UTC, John (J5) Palmieri
no flags Details


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHEA-2005:515 0 qe-ready SHIPPED_LIVE dbus enhancement update 2005-10-05 04:00:00 UTC

Description Steve Grubb 2005-05-31 17:40:37 UTC
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.8) Gecko/20050513 Fedora/1.0.4-1.3.1 Firefox/1.0.4

Description of problem:
dbus needs an update for the new audit system. I will attach a patch that provides the needed functionality.

Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
1. New functionality

Additional info:

Comment 1 Steve Grubb 2005-05-31 17:41:38 UTC
It should be noted that the patch that will be provided is to steer SE LInux avc
denila messages into the audit system.

Comment 2 Steve Grubb 2005-05-31 19:22:11 UTC
Created attachment 115008 [details]
patch to add audit enhancements

This patch is similar to the one put into FC4. It uses the new interface for
user space AVC denial reporting, though. It has a dependency on
audit-libs-devel >= 0.9. This patch is safe to push into FC4 should the
opportunity arise. 

Also, please put this into rawhide for FC5. Thanks.

Comment 5 John (J5) Palmieri 2005-06-09 19:20:29 UTC
I have this built in rawhide but it is not building in the RHEL-4 tree.  I am
getting this error:

if gcc -DHAVE_CONFIG_H -I. -I. -I.. -I..  -DDAEMON_NAME=\"dbus-daemon-1\" 
-DDBUS_COMPILATION -DDBUS_SYSTEM_CONFIG_FILE=\""/etc/dbus-1/system.conf"\"
-DDBUS_SESSION_CONFIG_FILE=\""/etc/dbus-1/session.conf"\" 
-DDBUS_API_SUBJECT_TO_CHANGE=1   -O2 -g -pipe -Wp,-D_FORTIFY_SOURCE=2
-fexceptions -m32 -march=i386 -mtune=pentium4 -fasynchronous-unwind-tables -Wall
-Wchar-subscripts -Wmissing-declarations -Wmissing-prototypes -Wnested-externs
-Wpointer-arith -Wcast-align -Wsign-compare -MT selinux.o -MD -MP -MF
".deps/selinux.Tpo" -c -o selinux.o selinux.c; \
then mv -f ".deps/selinux.Tpo" ".deps/selinux.Po"; else rm -f
".deps/selinux.Tpo"; exit 1; fi
In file included from selinux.c:41:
/usr/include/libaudit.h:101: error: redefinition of âstruct audit_messageâ
selinux.c: In function âbus_selinux_pre_initâ:
selinux.c:232: warning: unused variable âbus_contextâ
selinux.c: In function âbus_selinux_full_initâ:
selinux.c:260: warning: unused variable ârâ
make: *** [selinux.o] Error 1

The line -
/usr/include/libaudit.h:101: error: redefinition of âstruct audit_messageâ
says there is a redefinition but doesn't tell me where it is being redefined from. 

I have the updated spec and patch checked into CVS.  Steve, can you take a look?

Thanks

Comment 6 Steve Grubb 2005-06-09 19:31:46 UTC
I think the error is related to some stuff that was moved into
glibc-kernheaders. I didn't know that glibc-kernheaders was updated in the RHEL4
build area yet. If it is, I'll upgrade the audit package and then we're set.

Comment 7 John (J5) Palmieri 2005-06-09 19:38:23 UTC
I was building on my local machine.  Let me try a build in beehive.  The rawhide
tree built fine on my local machine.

Comment 8 John (J5) Palmieri 2005-06-09 20:00:23 UTC
My fault.  I assumed it would build fine localy since the same patch built in
the rawhide tree.  Builds fine in beehive.  Writting up errata.

Comment 14 John (J5) Palmieri 2005-08-02 19:48:44 UTC
new package built.  Attaching test script.

Comment 15 John (J5) Palmieri 2005-08-02 19:50:00 UTC
Created attachment 117371 [details]
Script for testing AVC messages

Comment 20 Red Hat Bugzilla 2005-10-05 14:32:19 UTC
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHEA-2005-515.html



Note You need to log in before you can comment on or make changes to this bug.