Bug 901533 - reload action is not implemented
Summary: reload action is not implemented
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: audit
Version: 7.0
Hardware: Unspecified
OS: Unspecified
medium
medium
Target Milestone: beta
: 7.0
Assignee: Steve Grubb
QA Contact: BaseOS QE Security Team
URL:
Whiteboard:
Depends On:
Blocks: RHEL7CCC 901583
TreeView+ depends on / blocked
 
Reported: 2013-01-18 12:37 UTC by Ondrej Moriš
Modified: 2014-06-13 10:53 UTC (History)
1 user (show)

Fixed In Version: audit-2.3-1
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2014-06-13 10:53:27 UTC


Attachments (Terms of Use)
Patch adding reload action (357 bytes, patch)
2013-04-11 13:52 UTC, Ondrej Moriš
no flags Details | Diff

Description Ondrej Moriš 2013-01-18 12:37:25 UTC
Description of problem:

Before RHEL7, there was reload action in auditd initscript. It is no longer present in RHEL7. I am aware that a lot changes came with systemd and hence it might be tricky to add missing "resume" and "rotate" actions, but systemd supports "reload" service action. Is it possible to define ExecReload target for reloading in a way it was implemented in RHEL<7 (I see it works by sending a specific signal to auditd deamon)?

Version-Release number of selected component (if applicable):

audit-2.2.1-2.el7.x86_64

How reproducible:

100%

Steps to Reproduce:

1. systemctl reload auditd.service
  
Actual results:

Failed to issue method call: Job type reload is not applicable for unit auditd.service.

Expected results:

Correct reload.

Comment 1 Ondrej Moriš 2013-04-11 13:49:36 UTC
Hi Steve, I made a trivial patch to fix this issue (attached). As mentioned in the description, systemd supports ExecReload unit file action and according to the documentation [1] classical reload action (from RHEL6 times) can be done by adding:

ExecReload=/bin/kill -HUP $MAINPID

(which is exactly what a patch do)

[1] http://www.freedesktop.org/software/systemd/man/systemd.service.html

On RHEL7 calling service auditd reload with the patch then trigger correct (single) audit event:

type=DAEMON_CONFIG msg=audit(1365673723.982:4896) config changed, auid=0 pid=15422 subj=system_u:system_r:initrc_t:s0-s15:c0.c1023 res=success

Comment 2 Ondrej Moriš 2013-04-11 13:52:12 UTC
Created attachment 734211 [details]
Patch adding reload action

Comment 3 Steve Grubb 2013-04-13 14:51:05 UTC
Thanks...but the patch file looks empty. However, I copy and pasted the line in comment #1 to the service file. Fixed in upstream commit 775.

Comment 4 Ondrej Moriš 2013-04-15 09:40:55 UTC
Thanks Steve. 

[BTW: It is not empty, bugzilla just hides it somehow and one have to click "View" to see it - https://bugzilla.redhat.com/attachment.cgi?id=734211]

Comment 5 Miroslav Vadkerti 2013-07-08 08:10:43 UTC
Verified as fixed in audit-2.3.1-2.el7

:: [   PASS   ] ::  Service have to implement reload function. (Expected 0, got 0)

Comment 7 Ludek Smid 2014-06-13 10:53:27 UTC
This request was resolved in Red Hat Enterprise Linux 7.0.

Contact your manager or support representative in case you have further questions about the request.


Note You need to log in before you can comment on or make changes to this bug.