From 25d533701f34bc69a83aecf3f5f6b3e79c0f7633 Mon Sep 17 00:00:00 2001
From: Josh Boyer <jwboyer@redhat.com>
Date: Mon, 3 Mar 2014 12:11:04 -0500
Subject: Fix overly verbose audit logs (rhbz 1066064)

---
 ...-generate-loginuid-log-when-audit-disable.patch | 36 ++++++++++++++++++++++
 kernel.spec                                        |  9 ++++++
 2 files changed, 45 insertions(+)
 create mode 100644 audit-don-t-generate-loginuid-log-when-audit-disable.patch

diff --git a/audit-don-t-generate-loginuid-log-when-audit-disable.patch b/audit-don-t-generate-loginuid-log-when-audit-disable.patch
new file mode 100644
index 00000000..84669f8a
--- /dev/null
+++ b/audit-don-t-generate-loginuid-log-when-audit-disable.patch
@@ -0,0 +1,36 @@
+Bugzilla: 1066064
+Upstream-status: 3.14-rc1
+
+From c2412d91c68426e22add16550f97ae5cd988a159 Mon Sep 17 00:00:00 2001
+From: Gao feng <gaofeng@cn.fujitsu.com>
+Date: Fri, 1 Nov 2013 19:34:45 +0800
+Subject: [PATCH] audit: don't generate loginuid log when audit disabled
+
+If audit is disabled, we shouldn't generate loginuid audit
+log.
+
+Acked-by: Eric Paris <eparis@redhat.com>
+Signed-off-by: Gao feng <gaofeng@cn.fujitsu.com>
+Signed-off-by: Richard Guy Briggs <rgb@redhat.com>
+Signed-off-by: Eric Paris <eparis@redhat.com>
+---
+ kernel/auditsc.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/kernel/auditsc.c b/kernel/auditsc.c
+index df1e685..9ab02fa 100644
+--- a/kernel/auditsc.c
++++ b/kernel/auditsc.c
+@@ -1971,6 +1971,9 @@ static void audit_log_set_loginuid(kuid_t koldloginuid, kuid_t kloginuid,
+ 	struct audit_buffer *ab;
+ 	uid_t uid, ologinuid, nloginuid;
+ 
++	if (!audit_enabled)
++		return;
++
+ 	uid = from_kuid(&init_user_ns, task_uid(current));
+ 	ologinuid = from_kuid(&init_user_ns, koldloginuid);
+ 	nloginuid = from_kuid(&init_user_ns, kloginuid),
+-- 
+1.8.5.3
+
diff --git a/kernel.spec b/kernel.spec
index b7f53f10..a4f311ca 100644
--- a/kernel.spec
+++ b/kernel.spec
@@ -773,6 +773,9 @@ Patch25027: kvm-x86-fix-emulator-buffer-overflow.patch
 #rhbz 1065087
 Patch25028: tty-Fix-low_latency-BUG.patch
 
+#rhbz 1066064
+Patch25029: audit-don-t-generate-loginuid-log-when-audit-disable.patch
+
 # END OF PATCH DEFINITIONS
 
 %endif
@@ -1502,6 +1505,9 @@ ApplyPatch kvm-x86-fix-emulator-buffer-overflow.patch
 #rhbz 1065087
 ApplyPatch tty-Fix-low_latency-BUG.patch
 
+#rhbz 1066064
+ApplyPatch audit-don-t-generate-loginuid-log-when-audit-disable.patch
+
 # END OF PATCH APPLICATIONS
 
 %endif
@@ -2313,6 +2319,9 @@ fi
 #                 ||----w |
 #                 ||     ||
 %changelog
+* Mon Mar 03 2014 Josh Boyer <jwboyer@fedoraproject.org>
+- Fix overly verbose audit logs (rhbz 1066064)
+
 * Mon Mar 03 2014 Josh Boyer <jwboyer@fedoraproject.org> - 3.13.5-201
 - CVE-2014-0049 kvm: mmio_fragments out-of-bounds access (rhbz 1062368 1071837)
 - Fix atomic sched BUG in tty low_latency (rhbz 1065087)
-- 
cgit