Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.
For bugs related to Red Hat Enterprise Linux 5 product line. The current stable release is 5.10. For Red Hat Enterprise Linux 6 and above, please visit Red Hat JIRA https://issues.redhat.com/secure/CreateIssue!default.jspa?pid=12332745 to report new issues.

Bug 452535

Summary: CONFIG_AUDITSYSCALL requires SELinux
Product: Red Hat Enterprise Linux 5 Reporter: Steve Snyder <swsnyder>
Component: kernelAssignee: Prarit Bhargava <prarit>
Status: CLOSED ERRATA QA Contact: Martin Jenner <mjenner>
Severity: low Docs Contact:
Priority: low    
Version: 5.2CC: dzickus, esandeen, hxunix
Target Milestone: rc   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2009-01-20 20:25:38 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
RHEL5 fix for this issue
none
RHEL5 Fix for this issue (version 2) none

Description Steve Snyder 2008-06-23 16:03:40 UTC 
Description of problem:

The RHEL 5.2 kernel requires SELinux to successfully compile the auditsc.c
source file.

Version-Release number of selected component (if applicable):

2.6.18-92.el5.i686

How reproducible:

Always

Steps to Reproduce:
1. Install source RPM kernel-2.6.18-92.el5.src.rpm
2. Edit the i686 kernel config (I used "make menuconfig") to disable SELinux support
3. Attempt to rebuild kernel
  
Actual results:

Build fails on source file auditsc.c due to unconditional use of SELinux
functions calls.  (Sorry, I didn't copy the exact error.  The undefined function
involved string and was probably selinux_ctxid_to_string().)

Expected results:

The doc for Auditd System Calls says that its use with other subsystems, such as
SELinux, is optional.  Moreover the 2 features (Auditd SC and SELinux) are not
linked in the kernel configuration system in that disabling SELinux support
seems not to recognize that Auditd System Calls is dependant upon it.

Additional info:

I am all too aware that Red Hat does not support user-configured kernels. 
Nevertheless, I think you might want to know that you have inadvertantly
introduced a dependency between 2 independent kernel features.

I fixed the problem locally by simply disabling CONFIG_AUDITSYSCALL, another
feature I don't use.  Red Hat will probably want to #ifdef the relevant code in
auditsc.c to SELinux support.
Comment 1 Prarit Bhargava 2008-06-26 12:19:17 UTC 
>I am all too aware that Red Hat does not support user-configured kernels. 
>Nevertheless, I think you might want to know that you have inadvertantly
>introduced a dependency between 2 independent kernel features.

So I don't have to go into my spiel about RH not supporting custom kernels but
they should at least compile? :) :) :)

Thanks again Steve -- I'll get a patch together shortly.

P.
Comment 2 Prarit Bhargava 2008-06-26 14:41:58 UTC 
Created attachment 310341 [details]
RHEL5 fix for this issue
Comment 3 RHEL Program Management 2008-06-26 14:58:16 UTC 
This request was evaluated by Red Hat Product Management for inclusion in a Red
Hat Enterprise Linux maintenance release.  Product Management has requested
further review of this request by Red Hat Engineering, for potential
inclusion in a Red Hat Enterprise Linux Update release for currently deployed
products.  This request is not yet committed for inclusion in an Update
release.
Comment 5 Eric Paris 2008-07-06 14:40:52 UTC 
*** Bug 453715 has been marked as a duplicate of this bug. ***
Comment 6 Prarit Bhargava 2008-07-07 14:01:06 UTC 
Created attachment 311152 [details]
RHEL5 Fix for this issue (version 2)

Reworked patch.

P.
Comment 7 Don Zickus 2008-07-23 18:55:57 UTC 
in kernel-2.6.18-99.el5
You can download this test kernel from http://people.redhat.com/dzickus/el5
Comment 11 errata-xmlrpc 2009-01-20 20:25:38 UTC 
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2009-0225.html