174392 – incorrect audit record in userdel

Bug 174392 - incorrect audit record in userdel

Summary: incorrect audit record in userdel

Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Enterprise Linux 4
Classification:	Red Hat
Component:	shadow-utils
Sub Component:	(Show other bugs)
Version:	4.0
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Target Release:	---
Assignee:	Peter Vrabec
QA Contact:	David Lawrence
Docs Contact:
URL:
Whiteboard:
Keywords:
Depends On:
Blocks:	168429
TreeView+	depends on / blocked

Reported:	2005-11-28 19:14 UTC by Linda Knippers
Modified:	2007-11-30 22:07 UTC (History)
CC List:	3 users (show)
Fixed In Version:	RHBA-2006-0035
Doc Type:	Bug Fix
Doc Text:
Story Points:	---
Clone Of:
Environment:
Last Closed:	2006-03-07 18:29:42 UTC
Type:	---
Regression:	---
Mount Type:	---
Documentation:	---
CRM:
Verified Versions:
Category:	---
oVirt Team:	---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---

Attachments	(Terms of Use)
patch to fix incorrect audit record (372 bytes, patch) 2005-11-28 19:14 UTC, Linda Knippers	no flags	Details \| Diff
Add an attachment (proposed patch, testcase, etc.)

External Trackers
Tracker	ID	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHBA-2006:0035	qe-ready	SHIPPED_LIVE	shadow-utils bug fix update	2006-03-06 05:00:00 UTC

Description Linda Knippers 2005-11-28 19:14:49 UTC

Description of problem:
The audit record emitted from userdel when a user's mail file is removed 
incorrectly says the operation failed even when it succeeded.

Version-Release number of selected component (if applicable):
shadow-utils-4.0.3-52.RHEL4

How reproducible:


Steps to Reproduce:
1.  Make sure auditd is running
2.  Create a user account with useradd
3.  Delete the account with 'userdel -r'
  
Actual results:
type=USER_CHAUTHTOK msg=audit(1132783148.877:449): user pid=18753 uid=0 auid=501
msg='userdel: op=deleting mail file acct=ljk2 res=failed'

Expected results:
Should say "res=success"

Additional info:
A one line fix (attached) is needed in userdel.c

We need a version of shadow-utils with this fix so that HP can complete its CAPP
evaluation of RHEL4 U2.

Comment 1 Linda Knippers 2005-11-28 19:14:50 UTC

Created attachment 121557 [details]
patch to fix incorrect audit record

Comment 3 Peter Vrabec 2005-11-29 11:09:42 UTC

/mnt/redhat/dist/4E-EAL-HP/shadow-utils/4.0.3-60.RHEL4
rawhide fixed.

Comment 7 Red Hat Bugzilla 2006-03-07 18:29:42 UTC

An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2006-0035.html

Note You need to log in before you can comment on or make changes to this bug.