← Back to team overview

group.of.nepali.translators team mailing list archive

[Bug 1722313] Re: Enable auditing in util-linux.

 

** Changed in: util-linux (Debian)
       Status: New => Fix Released

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1722313

Title:
  Enable auditing in util-linux.

Status in util-linux package in Ubuntu:
  Fix Released
Status in util-linux source package in Xenial:
  Fix Released
Status in util-linux source package in Zesty:
  Fix Committed
Status in util-linux source package in Artful:
  Fix Released
Status in util-linux package in Debian:
  Fix Released

Bug description:
  [IMPACT]
  Enable auditing in util-linux. The config option, --with-audit enables auditing.

  Only the hwclock and the login commands within util-linux package have
  source code for auditing. But that source code is disabled by default
  and requires the config option, --with-audit to enable it. The login
  command is not built nor shipped in util-linux. Ubuntu uses the login
  command from shadow instead. Thus, only hwclock command would be
  affected by this change.

  The change would enable the hwclock command to generate an audit log
  message to /var/log/audit/audit.log whenever it changes the hardware
  clock. This message will only get logged to /var/log/audit/audit.log,
  if auditd daemon is running. Otherwise, if the auditd is not running,
  like most log messages, it will get logged to /var/log/kern.log and|or
  /var/log/syslog if these services are enabled.

  That the hwclock generates an audit message when hardware clock is
  changed is a requirement for Common Criteria EAL2 certification for
  Xenial.

  [TEST]

  This has been tested on both P8 and amd64 architectures. With the
  patch all the Common Criteria testcases pass for hwclock. Before this
  patch, the functional part of the testcase passed, but the check for
  the triggered audit records would fail. Attached the Common Criteria
  testcase below.

  Also, the util-linux package has testcases that get run during the
  build. All of these pass. Pointer to build log below.

  [REGRESSION POTENTIAL]
  The regression potential for this should be small. This change does not take away from any current functionality. It just adds the ability to generate an audit entry when system hardware clock is altered.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/util-linux/+bug/1722313/+subscriptions