Description of problem: The audit record emitted from userdel when a user's mail file is removed incorrectly says the operation failed even when it succeeded. Version-Release number of selected component (if applicable): shadow-utils-4.0.3-52.RHEL4 How reproducible: Steps to Reproduce: 1. Make sure auditd is running 2. Create a user account with useradd 3. Delete the account with 'userdel -r' Actual results: type=USER_CHAUTHTOK msg=audit(1132783148.877:449): user pid=18753 uid=0 auid=501 msg='userdel: op=deleting mail file acct=ljk2 res=failed' Expected results: Should say "res=success" Additional info: A one line fix (attached) is needed in userdel.c We need a version of shadow-utils with this fix so that HP can complete its CAPP evaluation of RHEL4 U2.
Created attachment 121557 [details] patch to fix incorrect audit record
/mnt/redhat/dist/4E-EAL-HP/shadow-utils/4.0.3-60.RHEL4 rawhide fixed.
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHBA-2006-0035.html