Public bug reported:

The auditd daemon is not part of the default phone images. At the kernel level, the audit_enabled variable remains 0 until an auditd daemon registers itself.

There is a bug in old kernels that causes AUDIT_USER_AVC messages to be ignored when audit_enabled is 0. I fixed the bug several years ago and marked the patch for the stable tree, but the phone kernels (mako, at least) did not pull in the patch. The upstream commit id is:

0868a5e150bc4c47e7a003367cd755811eb41e0b

What this means for our phone images is that any denial messages from the system D-Bus daemon are dropped instead of being properly routed to the syslog. This results in headaches for debugging app confinement denials.

** Affects: linux-flo (Ubuntu)
   Importance: Medium
   Assignee: Tyler Hicks (tyhicks)
   Status: In Progress

** Affects: linux-mako (Ubuntu)
   Importance: Medium
   Assignee: Tyler Hicks (tyhicks)
   Status: In Progress

** Affects: linux-manta (Ubuntu)
   Importance: Medium
   Assignee: Tyler Hicks (tyhicks)
   Status: In Progress

--
https://bugs.launchpad.net/bugs/1473584

Title:
  AUDIT_USER_AVC messages are not printk'ed when auditd is not running
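
Added example, not part of the bug report and not Ubuntu or kernel code: once a kernel carries the fix, D-Bus denials should reach syslog as USER_AVC (type 1107) records, and this parser pulls them out for triage. The log lines are constructed and their layout is an assumption; `parse_user_avc` and `dbus_denials` are hypothetical names.

```python
import re
import shlex

AUDIT_USER_AVC = 1107  # record type from linux/audit.h

# Constructed sample lines; the layout is an assumption about how a kernel
# carrying the fix printk's these records when no auditd is registered.
SAMPLE_LOG = """\
Jul 10 14:02:11 phone kernel: [  812.104] audit: type=1107 audit(1436536931.120:41): pid=701 uid=102 auid=4294967295 ses=4294967295 msg='apparmor="DENIED" operation="dbus_method_call" bus="session" path="/com/example/Service" interface="com.example.Service" member="GetSecret" mask="send" name="com.example.Service" pid=2290 label="com.example.app_app_0.1" peer_pid=1804 peer_label="unconfined"'
Jul 10 14:02:12 phone kernel: [  813.551] audit: type=1400 audit(1436536932.567:42): apparmor="DENIED" operation="open" profile="com.example.app_app_0.1" name="/etc/shadow" pid=2290 comm="app" requested_mask="r" denied_mask="r"
Jul 10 14:02:15 phone kernel: [  816.009] audit: type=1107 audit(1436536935.025:43): pid=701 uid=102 auid=4294967295 ses=4294967295 msg='apparmor="ALLOWED" operation="dbus_signal" bus="system" path="/com/example/Other" interface="com.example.Other" member="Changed" mask="receive" pid=2290 label="com.example.app_app_0.1" peer_pid=950 peer_label="unconfined"'
Jul 10 14:02:20 phone kernel: [  821.300] wlan: scan completed
"""

RECORD = re.compile(r"type=(\d+) audit\((\d+\.\d+):(\d+)\): (.*)$")
MSG = re.compile(r"msg='(.*)'\s*$")

def parse_user_avc(line):
    """Return the fields of a USER_AVC record as a dict, or None for any other line."""
    m = RECORD.search(line)
    if not m or int(m.group(1)) != AUDIT_USER_AVC:
        return None
    inner = MSG.search(m.group(4))
    if not inner:
        return None  # truncated or malformed record
    fields = {"timestamp": float(m.group(2)), "serial": int(m.group(3))}
    # The D-Bus daemon's payload is a run of key="value" pairs inside msg='...'.
    for token in shlex.split(inner.group(1)):
        key, sep, value = token.partition("=")
        if sep:
            fields[key] = value
    return fields

def dbus_denials(log_text):
    """Collect USER_AVC records whose AppArmor verdict is DENIED."""
    records = (parse_user_avc(line) for line in log_text.splitlines())
    return [r for r in records if r and r.get("apparmor") == "DENIED"]

if __name__ == "__main__":
    for d in dbus_denials(SAMPLE_LOG):
        print(d["serial"], d["label"], d["operation"], d["interface"], d["member"])
```

On a kernel without the fix and with no auditd registered, an empty result is what the bug itself produces, so it does not show that no denials occurred.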