Created attachment 492856 [details]
strace output of autrace -r /bin/ls on s390x
Description of problem:
Autrace fails to to add audit rules to trace a process on s390 in resource usage mode when it is set to limit syscalls collected to ones needed for analysing resource usage.
Version-Release number of selected component (if applicable):
# uname -a
Linux auto-s390-002.ss.eng.bos.redhat.com 2.6.32-128.el6.s390x #1 SMP Mon Mar 28 21:58:33 EDT 2011 s390x s390x s390x GNU/Linux
Steps to Reproduce:
1. # autrace -r /bin/ls
[root@auto-s390-002 ~]# autrace -r /bin/ls
Error inserting audit rule for pid=13163
Something like this
# autrace -r /bin/ls
Waiting to execute: /bin/ls
Trace complete. You can locate the records with 'ausearch -i -p 30207'
Works as expected without the resource usage mode
# autrace /bin/ls /tmp
Trace complete. You can locate the records with 'ausearch -i -p 13192'
Fixed upstream in this commit:
audit-2.1-4.el6 was built to resolve this problem.
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.