Description of problem: The Fedora-10 boot sequence fails if the kernel is compiled with CONFIG_AUDIT=n Version-Release number of selected component (if applicable): audit-1.7.12-1.fc10.x86_64 How reproducible: 100% reproducible Steps to Reproduce: 1. Configure kernel without CONFIG_AUDIT 2. Try to boot the system with 'auditd' enabled 3. No profit! Actual results: Hung boot, no login, no nothing Expected results: Auditd should just exit and the boot should continue, the way it used to work. Additional info: An 'strace' of the failure (done by disabling audit, booting into a kernel without auditing support, and then trying to enable auditing again) shows 3138 pipe([3, 4]) = 0 3138 fcntl(3, F_SETFD, FD_CLOEXEC) = 0 3138 fcntl(3, F_SETFD, FD_CLOEXEC) = 0 3138 clone(child_stack=0, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x7f7285cf2780) = 3139 3138 read(3, <unfinished ...> and note how buggy this is? That process 3138 should have closed its own copy of the output pipe (fd 4), but because it didn't do that, now when the child dies, the read() will never finish _anyway_, because the pipe writer is still open. This bug seems to have been introduced about a week ago when I did a yum update on this machine: /var/log/messages-20090308:Mar 4 07:51:47 nehalem yum: Updated: audit-libs-1.7.12-1.fc10.x86_64 /var/log/messages-20090308:Mar 4 07:51:49 nehalem yum: Updated: audit-1.7.12-1.fc10.x86_64 /var/log/messages-20090308:Mar 4 07:51:49 nehalem yum: Updated: audit-libs-python-1.7.12-1.fc10.x86_64 because before this, I've happily run Fedora-10 without audit support in the kernel forever.
Oh, side note: I didn't actually confirm that it's CONFIG_AUDIT itself that is the only thing missing. I'm not going to bother enabling auditing in the kernel to see exactly what it is that makes auditd fail. But the strace seems to imply that the failure to open /proc/self/loginuid is what makes the auditd children exit - it's just that auditd itself never exits once the children have exited, because as per above the 'read()' will never finish due to there still being a writer.
This problem was fixed in rawhide about a week ago. I'll push the change out to F-10 soon. Just in case you wanted the fix, it is here: https://fedorahosted.org/audit/changeset/265
audit-1.7.12-3.fc10 has been submitted as an update for Fedora 10. http://admin.fedoraproject.org/updates/audit-1.7.12-3.fc10
I built a new audit package that should fix this problem. I was waiting till a little closer to 2.6.29 release to push this out in case something else needed to be included in an update. In any event, please give the 1.7.12-3 package a try and see if that doesn't work better for you. Thanks for reporting the problem.
audit-1.7.12-3.fc10 has been pushed to the Fedora 10 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update audit'. You can provide feedback for this update here: http://admin.fedoraproject.org/updates/F10/FEDORA-2009-2729
The updated audit package has been requested to be moved to the stable updates repository and should be available to everyone on the next push. Thanks for reporting the bug.
audit-1.7.12-3.fc10 has been pushed to the Fedora 10 stable repository. If problems still persist, please make note of it in this bug report.