touch-packages team mailing list archive

[Launchpad Bug Tracker <1414817@xxxxxxxxxxxxxxxxxx>]

This bug was fixed in the package shadow - 1:4.1.5.1-1.1ubuntu5

---------------
shadow (1:4.1.5.1-1.1ubuntu5) wily; urgency=medium

  * debian/rules: Re-enable audit support. (LP: #1414817)
  * debian/control: add libaudit-dev to Build-Depends.

 -- Mathieu Trudel-Lapierre <mathieu-tl@xxxxxxxxxx>  Tue, 02 Jun 2015
10:46:18 -0400

** Changed in: shadow (Ubuntu)
       Status: In Progress => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to shadow in Ubuntu.
https://bugs.launchpad.net/bugs/1414817

Title:
  [Ubuntu 15.04] Ubuntu should audit account modification events

Status in shadow package in Ubuntu:
  Fix Released

Bug description:
  Ubuntu should log user modification events to the system audit trail
  (/var/log/audit/audit.log) but does not.

  Steps to Verify:

  - Install Ubuntu 14.04 on an x86_64 VM
  - apt install auditd
  - useradd testuser
  - ausearch -i

  Expected Results:

  An audit record should be appended to the audit trail that indicates
  testuser was added.

  Actual Results:

  An appropriate audit event was not appended to the audit trail.  A
  record is logged in /var/log/auth.log.

  Discussion:

  Auditable system events should be logged in the standard audit trail
  via the Linux audit subsystem. Doing so provides a central location
  where sysadmins can monitor security events. The Linux audit subsystem
  can be used to meet Common Criteria and compliance hardening standards
  requirements. OSPP v2.0
  [https://www.commoncriteriaportal.org/files/ppfiles/pp0067b_pdf.pdf]
  should provide a good reference for commonly logged audit events and
  other audit requirements.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1414817/+subscriptions