Red Hat Bugzilla – Bug 174392
incorrect audit record in userdel
Last modified: 2007-11-30 17:07:21 EST
Description of problem:
The audit record emitted from userdel when a user's mail file is removed
incorrectly says the operation failed even when it succeeded.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. Make sure auditd is running
2. Create a user account with useradd
3. Delete the account with 'userdel -r'
type=USER_CHAUTHTOK msg=audit(1132783148.877:449): user pid=18753 uid=0 auid=501
msg='userdel: op=deleting mail file acct=ljk2 res=failed'
Should say "res=success"
A one line fix (attached) is needed in userdel.c
We need a version of shadow-utils with this fix so that HP can complete its CAPP
evaluation of RHEL4 U2.
Created attachment 121557 [details]
patch to fix incorrect audit record
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.