Bugzilla will be upgraded to version 5.0 on a still to be determined date in the near future. The original upgrade date has been delayed.
Bug 401201 - sudo complains: audit_log_user_command(): Connection refused
sudo complains: audit_log_user_command(): Connection refused
Product: Fedora
Classification: Fedora
Component: sudo (Show other bugs)
All Linux
low Severity low
: ---
: ---
Assigned To: Peter Vrabec
Fedora Extras Quality Assurance
: Reopened
Depends On:
  Show dependency treegraph
Reported: 2007-11-27 11:02 EST by Pete Wyckoff
Modified: 2010-06-22 01:18 EDT (History)
10 users (show)

See Also:
Fixed In Version: 1.6.9p4-3.fc8
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2008-09-03 05:41:13 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
new sudo-1.6.9p13-audit.patch (12.77 KB, patch)
2008-06-13 09:49 EDT, Daniel Drake
no flags Details | Diff
interdiff (558 bytes, text/plain)
2008-06-13 09:50 EDT, Daniel Drake
no flags Details

  None (edit)
Description Pete Wyckoff 2007-11-27 11:02:30 EST
Description of problem:
sudo complains if auditd is not running, but still works.  It says
audit_log_user_command(): Connection refused

Version-Release number of selected component (if applicable):

How reproducible:
every time

Steps to Reproduce:
run sudo successfully

Suggest removing the perror("audit_log_user_command()") in audit_logger()
in the patch sudo-1.6.9p4-audit.patch.  Sites that do not run auditd will
thus not be bothered with the error message every time.
Comment 1 Peter Vrabec 2008-01-08 05:44:07 EST
This problem should be fixed in sudo-1.6.9p4-3.fc8.
Comment 2 Fedora Update System 2008-01-11 17:29:26 EST
sudo-1.6.9p4-3.fc8 has been pushed to the Fedora 8 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 3 Albert Sidelnik 2008-01-13 02:15:11 EST
Just updated to sudo-1.6.9p4-3.fc8  and I am still seeing 
"audit_log_user_command(): Connection refused"
Comment 4 Pete Wyckoff 2008-01-16 09:55:32 EST
Yup, still complains in 1.6.9p4-3.fc8 on x86_64.  Even though the
netlink socket create works, a write may fail if no daemon is
listening.  Just ignore ECONNREFUSED too, or all errors for that
Comment 5 Askar Ali Khan 2008-01-24 09:24:47 EST
today i have upgraded one of f7 to f8 running as virtual machine (UML) and i am
getting the same error 'audit_log_user_command(): Connection refused' any fix
for that ?

sudo-1.6.9p4-3.fc8 is installed.

Comment 6 Askar Ali Khan 2008-02-18 12:11:42 EST
I don't know its relevant or not we have fixed the sudo error
'audit_log_user_command(): Connection refused' by compiling kernel 2.6.23 and
enabled AUDITD support by 'CONFIG_AUDIT=y' 

sudo not any more complaining even if auitd is not running. However we where
using the old kernel (for all our UML hosts) on fedora 6 , Fedora 7 and sudo was
fine it start complaining after upgrading the hosts to fedora 8.

Comment 7 Jameel Gbajabiamila 2008-04-13 17:49:42 EDT
I am still getting this error on 1.6.9p4-4.fc8 
Comment 8 Trevor Rowe 2008-05-07 11:52:51 EDT
I upgraded from fedora6 to fedora8.  I am using version 1.6.9p4-4.fc8 (32 bit)
and I am still getting the complaint.  
Comment 9 Tarhon-Onu Victor 2008-05-31 03:21:50 EDT
The annoying connection error to auditd is still there in the latest updates too:

blackblue 10:20:12 (Mituc):~>cat /etc/redhat-release 
Fedora release 8 (Werewolf)
blackblue 10:20:15 (Mituc):~>sudo /bin/true
audit_log_user_command(): Connection refused
blackblue 10:20:19 (Mituc):~>rpm -q sudo
Comment 10 Andrew Burgess 2008-06-12 13:07:33 EDT
(In reply to comment #1)
> This problem should be fixed in sudo-1.6.9p4-3.fc8.

I am unable to change the "Fixed In" field so I'm wondering if the assignee Peter 
Vrabec knows that it is still a problem.

I'll try reassigning to the same guy...
Comment 11 Daniel Drake 2008-06-13 09:49:15 EDT
Created attachment 309211 [details]
new sudo-1.6.9p13-audit.patch

This was supposedly fixed in version 1.6.9p4-5 but I can't find any changes
that were actually made in that version except a changelog entry and a version
number change. (but then again I'm not very good with CVS)

Here's an updated version of sudo-1.6.9p13-audit.patch which adds in a check
for ECONNREFUSED. I've tested it and it does solve the issue (which indeed only
appears when you disable CONFIG_AUDIT, it's enabled by default in fedora
kernels but not in OLPC kernels).
Comment 12 Daniel Drake 2008-06-13 09:50:27 EDT
Created attachment 309212 [details]

interdiff output showing the changes that I made to the patch
Comment 13 Ed Swierk 2008-07-23 18:05:08 EDT
sudo-1.6.9p13-4.fc9 and sudo-1.6.9p17-1.fc10 still have this problem, and the
attached patch (interdiff) fixes it.
Comment 14 Peter Vrabec 2008-09-02 09:47:06 EDT
Daniel, I would suggest to change the patch.

- if( err <= 0 && !(errno == EPERM && getuid() != 0) )
+ if( err <= 0 && !((errno == EPERM && getuid() > 0) || errno == ECONNREFUSED )
Comment 15 Daniel Drake 2008-09-02 11:29:12 EDT
Sounds fine to me. OLPC no longer use this sudo package so it's not an issue for us any more...
Comment 16 Peter Vrabec 2008-09-03 05:41:13 EDT
fixed in sudo-1_6_9p17-2_fc10
Comment 17 Dmitry Goryainov 2009-12-28 04:43:16 EST
sudo-1.6.9p17-5.el5 have this problem
Comment 18 Ilya A. Otyutskiy 2010-02-11 09:09:16 EST
confirming problem with sudo-1.6.9p17-5.el5
Comment 19 Serg 2010-06-22 01:18:50 EDT
same problem solved by yum update sudo

Note You need to log in before you can comment on or make changes to this bug.