diff options
author | Josh Boyer <jwboyer@redhat.com> | 2014-03-03 12:11:04 -0500 |
---|---|---|
committer | Josh Boyer <jwboyer@redhat.com> | 2014-03-03 12:11:13 -0500 |
commit | 25d533701f34bc69a83aecf3f5f6b3e79c0f7633 (patch) | |
tree | 8ebeadc4938271eb9abe1da09f0173bbdc56a08b | |
parent | b23fd10e1831cc58a7c44652b055ddfb5a6d5585 (diff) | |
download | kernel-25d533701f34bc69a83aecf3f5f6b3e79c0f7633.tar.gz kernel-25d533701f34bc69a83aecf3f5f6b3e79c0f7633.tar.xz kernel-25d533701f34bc69a83aecf3f5f6b3e79c0f7633.zip |
Fix overly verbose audit logs (rhbz 1066064)
-rw-r--r-- | audit-don-t-generate-loginuid-log-when-audit-disable.patch | 36 | ||||
-rw-r--r-- | kernel.spec | 9 |
2 files changed, 45 insertions, 0 deletions
diff --git a/audit-don-t-generate-loginuid-log-when-audit-disable.patch b/audit-don-t-generate-loginuid-log-when-audit-disable.patch new file mode 100644 index 00000000..84669f8a --- /dev/null +++ b/audit-don-t-generate-loginuid-log-when-audit-disable.patch @@ -0,0 +1,36 @@ +Bugzilla: 1066064 +Upstream-status: 3.14-rc1 + +From c2412d91c68426e22add16550f97ae5cd988a159 Mon Sep 17 00:00:00 2001 +From: Gao feng <gaofeng@cn.fujitsu.com> +Date: Fri, 1 Nov 2013 19:34:45 +0800 +Subject: [PATCH] audit: don't generate loginuid log when audit disabled + +If audit is disabled, we shouldn't generate loginuid audit +log. + +Acked-by: Eric Paris <eparis@redhat.com> +Signed-off-by: Gao feng <gaofeng@cn.fujitsu.com> +Signed-off-by: Richard Guy Briggs <rgb@redhat.com> +Signed-off-by: Eric Paris <eparis@redhat.com> +--- + kernel/auditsc.c | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/kernel/auditsc.c b/kernel/auditsc.c +index df1e685..9ab02fa 100644 +--- a/kernel/auditsc.c ++++ b/kernel/auditsc.c +@@ -1971,6 +1971,9 @@ static void audit_log_set_loginuid(kuid_t koldloginuid, kuid_t kloginuid, + struct audit_buffer *ab; + uid_t uid, ologinuid, nloginuid; + ++ if (!audit_enabled) ++ return; ++ + uid = from_kuid(&init_user_ns, task_uid(current)); + ologinuid = from_kuid(&init_user_ns, koldloginuid); + nloginuid = from_kuid(&init_user_ns, kloginuid), +-- +1.8.5.3 + diff --git a/kernel.spec b/kernel.spec index b7f53f10..a4f311ca 100644 --- a/kernel.spec +++ b/kernel.spec @@ -773,6 +773,9 @@ Patch25027: kvm-x86-fix-emulator-buffer-overflow.patch #rhbz 1065087 Patch25028: tty-Fix-low_latency-BUG.patch +#rhbz 1066064 +Patch25029: audit-don-t-generate-loginuid-log-when-audit-disable.patch + # END OF PATCH DEFINITIONS %endif @@ -1502,6 +1505,9 @@ ApplyPatch kvm-x86-fix-emulator-buffer-overflow.patch #rhbz 1065087 ApplyPatch tty-Fix-low_latency-BUG.patch +#rhbz 1066064 +ApplyPatch audit-don-t-generate-loginuid-log-when-audit-disable.patch + # END OF PATCH APPLICATIONS %endif @@ -2313,6 +2319,9 @@ fi # ||----w | # || || %changelog +* Mon Mar 03 2014 Josh Boyer <jwboyer@fedoraproject.org> +- Fix overly verbose audit logs (rhbz 1066064) + * Mon Mar 03 2014 Josh Boyer <jwboyer@fedoraproject.org> - 3.13.5-201 - CVE-2014-0049 kvm: mmio_fragments out-of-bounds access (rhbz 1062368 1071837) - Fix atomic sched BUG in tty low_latency (rhbz 1065087) |