kernel-packages team mailing list archive

Thread
Date

[Bug 1473584] Re: AUDIT_USER_AVC messages are not printk'ed when auditd is not running

To: kernel-packages@xxxxxxxxxxxxxxxxxxx
From: Adam Conrad <adconrad@xxxxxxx>
Date: Tue, 14 Jul 2015 17:15:27 -0000
Reply-to: Bug 1473584 <1473584@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

The following backports to vivid have been accepted in vivid-proposed,
please verify them:

[ubuntu/vivid-proposed] linux-mako 3.4.0-6.37~15.04.1 (Accepted)
[ubuntu/vivid-proposed] linux-manta 3.4.0-7.32~15.04.1 (Accepted)
[ubuntu/vivid-proposed] linux-flo 3.4.0-4.18~15.04.1 (Accepted)
[ubuntu/vivid-proposed] linux-goldfish 3.4.0-4.24~15.04.1 (Accepted)

** Tags added: verification-needed

** Changed in: linux-flo (Ubuntu Vivid)
       Status: New => Fix Committed

** Changed in: linux-goldfish (Ubuntu Vivid)
       Status: New => Fix Committed

** Changed in: linux-mako (Ubuntu Vivid)
       Status: New => Fix Committed

** Changed in: linux-manta (Ubuntu Vivid)
       Status: New => Fix Committed

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-mako in Ubuntu.
https://bugs.launchpad.net/bugs/1473584

Title:
  AUDIT_USER_AVC messages are not printk'ed when auditd is not running

Status in linux-flo package in Ubuntu:
  Fix Released
Status in linux-goldfish package in Ubuntu:
  Fix Released
Status in linux-mako package in Ubuntu:
  Fix Released
Status in linux-manta package in Ubuntu:
  Fix Released
Status in linux-flo source package in Vivid:
  Fix Committed
Status in linux-goldfish source package in Vivid:
  Fix Committed
Status in linux-mako source package in Vivid:
  Fix Committed
Status in linux-manta source package in Vivid:
  Fix Committed

Bug description:
  The auditd daemon is not part of the default phone images. At the
  kernel level, the audit_enabled variable remains 0 until an auditd
  daemon registers itself. There is a bug in old kernels that causes
  AUDIT_USER_AVC messages to be ignored when audit_enabled is 0. I fixed
  the bug several years ago and marked the patch for the stable tree but
  the phone kernels (mako, at least) did not pull in the patch. The
  upstream commit id is:

    0868a5e150bc4c47e7a003367cd755811eb41e0b

  What this means for our phone images is that any denial messages from
  the system D-Bus daemon are dropped instead of being properly routed
  to the syslog. This results in headaches for debugging app confinement
  denials.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux-flo/+bug/1473584/+subscriptions

References

[Bug 1473584] [NEW] AUDIT_USER_AVC messages are not printk'ed when auditd is not running
From: Tyler Hicks, 2015-07-10