[Bug 1722313] Re: Enable auditing in util-linux.
Marc Deslauriers
marc.deslauriers at canonical.com
Fri Nov 10 15:21:58 UTC 2017
ACK on the debdiffs, uploaded for processing by the SRU team with a
couple of minor changelog changes: added bug number, fixed versioning.
Thanks!
** Changed in: util-linux (Ubuntu Xenial)
Status: New => In Progress
** Changed in: util-linux (Ubuntu Zesty)
Status: New => In Progress
** Changed in: util-linux (Ubuntu Artful)
Status: New => In Progress
--
You received this bug notification because you are a member of Ubuntu
Sponsors Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1722313
Title:
Enable auditing in util-linux.
Status in util-linux package in Ubuntu:
In Progress
Status in util-linux source package in Xenial:
In Progress
Status in util-linux source package in Zesty:
In Progress
Status in util-linux source package in Artful:
In Progress
Status in util-linux package in Debian:
New
Bug description:
[IMPACT]
Enable auditing in util-linux. The config option, --with-audit enables auditing.
Only the hwclock and the login commands within util-linux package have source code for auditing. But that source code is disabled by default and requires the config option, --with-audit to enable it. The login command is not built nor shipped in util-linux. Ubuntu uses the login command from shadow instead. Thus, only hwclock command would be affected by this change.
The change would enable the hwclock command to generate an audit log
message to /var/log/audit/audit.log whenever it changes the hardware
clock. This message will only get logged if auditd daemon is running.
Otherwise, nothing gets logged.
That the hwclock generates an audit message when hardware clock is
changed is a requirement for Common Criteria EAL2 certification for
Xenial.
[TEST]
This has been tested on both P8 and amd64 architectures. With the
patch all the Common Criteria testcases pass for hwclock. Before this
patch, the functional part of the testcase passed, but the check for
the triggered audit records would fail. Attached the Common Criteria
testcase below.
Also, the util-linux package has testcases that get run during the
build. All of these pass. Pointer to build log below.
[REGRESSION POTENTIAL]
The regression potential for this should be small. This change does not take away from any current functionality. It just adds the ability to generate an audit entry when system hardware clock is altered.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/util-linux/+bug/1722313/+subscriptions
More information about the Ubuntu-sponsors
mailing list