summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJosh Boyer <jwboyer@redhat.com>2014-03-03 12:11:04 -0500
committerJosh Boyer <jwboyer@redhat.com>2014-03-03 12:11:13 -0500
commit25d533701f34bc69a83aecf3f5f6b3e79c0f7633 (patch)
tree8ebeadc4938271eb9abe1da09f0173bbdc56a08b
parentb23fd10e1831cc58a7c44652b055ddfb5a6d5585 (diff)
downloadkernel-25d533701f34bc69a83aecf3f5f6b3e79c0f7633.tar.gz
kernel-25d533701f34bc69a83aecf3f5f6b3e79c0f7633.tar.xz
kernel-25d533701f34bc69a83aecf3f5f6b3e79c0f7633.zip
Fix overly verbose audit logs (rhbz 1066064)
Diffstat
-rw-r--r--audit-don-t-generate-loginuid-log-when-audit-disable.patch36
-rw-r--r--kernel.spec9
2 files changed, 45 insertions, 0 deletions
diff --git a/audit-don-t-generate-loginuid-log-when-audit-disable.patch b/audit-don-t-generate-loginuid-log-when-audit-disable.patch
new file mode 100644
index 00000000..84669f8a
--- /dev/null
+++ b/audit-don-t-generate-loginuid-log-when-audit-disable.patch
@@ -0,0 +1,36 @@
+Bugzilla: 1066064
+Upstream-status: 3.14-rc1
+
+From c2412d91c68426e22add16550f97ae5cd988a159 Mon Sep 17 00:00:00 2001
+From: Gao feng <gaofeng@cn.fujitsu.com>
+Date: Fri, 1 Nov 2013 19:34:45 +0800
+Subject: [PATCH] audit: don't generate loginuid log when audit disabled
+
+If audit is disabled, we shouldn't generate loginuid audit
+log.
+
+Acked-by: Eric Paris <eparis@redhat.com>
+Signed-off-by: Gao feng <gaofeng@cn.fujitsu.com>
+Signed-off-by: Richard Guy Briggs <rgb@redhat.com>
+Signed-off-by: Eric Paris <eparis@redhat.com>
+---
+ kernel/auditsc.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/kernel/auditsc.c b/kernel/auditsc.c
+index df1e685..9ab02fa 100644
+--- a/kernel/auditsc.c
++++ b/kernel/auditsc.c
+@@ -1971,6 +1971,9 @@ static void audit_log_set_loginuid(kuid_t koldloginuid, kuid_t kloginuid,
+ struct audit_buffer *ab;
+ uid_t uid, ologinuid, nloginuid;
+
++ if (!audit_enabled)
++ return;
++
+ uid = from_kuid(&init_user_ns, task_uid(current));
+ ologinuid = from_kuid(&init_user_ns, koldloginuid);
+ nloginuid = from_kuid(&init_user_ns, kloginuid),
+--
+1.8.5.3
+
diff --git a/kernel.spec b/kernel.spec
index b7f53f10..a4f311ca 100644
--- a/kernel.spec
+++ b/kernel.spec
@@ -773,6 +773,9 @@ Patch25027: kvm-x86-fix-emulator-buffer-overflow.patch
#rhbz 1065087
Patch25028: tty-Fix-low_latency-BUG.patch
+#rhbz 1066064
+Patch25029: audit-don-t-generate-loginuid-log-when-audit-disable.patch
+
# END OF PATCH DEFINITIONS
%endif
@@ -1502,6 +1505,9 @@ ApplyPatch kvm-x86-fix-emulator-buffer-overflow.patch
#rhbz 1065087
ApplyPatch tty-Fix-low_latency-BUG.patch
+#rhbz 1066064
+ApplyPatch audit-don-t-generate-loginuid-log-when-audit-disable.patch
+
# END OF PATCH APPLICATIONS
%endif
@@ -2313,6 +2319,9 @@ fi
# ||----w |
# || ||
%changelog
+* Mon Mar 03 2014 Josh Boyer <jwboyer@fedoraproject.org>
+- Fix overly verbose audit logs (rhbz 1066064)
+
* Mon Mar 03 2014 Josh Boyer <jwboyer@fedoraproject.org> - 3.13.5-201
- CVE-2014-0049 kvm: mmio_fragments out-of-bounds access (rhbz 1062368 1071837)
- Fix atomic sched BUG in tty low_latency (rhbz 1065087)
generated by cgit (git 2.34.1) at 2024-05-18 03:39:45 +0000