Enable auditing in util-linux.
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
util-linux (Debian) | Fix Released | Unknown | |
util-linux (Ubuntu) | Fix Released | Medium | Joy Latten |
Xenial | Fix Released | Medium | Unassigned |
Zesty | Fix Committed | Medium | Unassigned |
Artful | Fix Released | Medium | Unassigned |

Bug Description
[IMPACT]
Enable auditing in util-linux. The config option --with-audit enables auditing.
Only the hwclock and the login commands within the util-linux package have source code for auditing. But that source code is disabled by default and requires the config option --with-audit to enable it. The login command is neither built nor shipped in util-linux. Ubuntu uses the login command from shadow instead. Thus, only the hwclock command would be affected by this change.
The change would enable the hwclock command to generate an audit log message to /var/log/
That hwclock generates an audit message when the hardware clock is changed is a requirement for Common Criteria EAL2 certification for Xenial.
[TEST]
This has been tested on both P8 and amd64 architectures. With the patch all the Common Criteria testcases pass for hwclock. Before this patch, the functional part of the testcase passed, but the check for the triggered audit records would fail. Attached the Common Criteria testcase below.
Also, the util-linux package has testcases that get run during the build. All of these pass. Pointer to build log below.
[REGRESSION POTENTIAL]
The regression potential for this should be small. This change does not take away from any current functionality. It just adds the ability to generate an audit entry when the system hardware clock is altered.
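
An offline sketch of the audit-record check described under [TEST], added here as an example; it is not part of the bug report or the Common Criteria testcase. It assumes an audit-enabled hwclock logs a `USYS_CONFIG` user record carrying `exe=` and `res=` fields, and the log lines are constructed samples.

```python
import re

# Constructed sample audit.log lines (not from the bug report). The USYS_CONFIG
# type and field layout are assumptions about what an audit-enabled hwclock logs.
SAMPLE_LOG = """\
type=USYS_CONFIG msg=audit(1500000000.101:410): pid=2101 uid=0 auid=1000 ses=3 msg='op=change-system-time exe="/sbin/hwclock" hostname=? addr=? terminal=pts/0 res=success'
type=USER_AUTH msg=audit(1500000003.220:411): pid=2140 uid=0 auid=1000 ses=3 msg='op=PAM:authentication acct="root" exe="/bin/su" hostname=? addr=? terminal=pts/0 res=failed'
type=USYS_CONFIG msg=audit(1500000009.555:412): pid=2177 uid=1000 auid=1000 ses=3 msg='op=change-system-time exe="/sbin/hwclock" hostname=? addr=? terminal=pts/0 res=failed'
type=USYS_CONFIG msg=audit(1500000012.000:413): pid=2190 uid=0 auid=1000 ses=3 msg='op=update exe="/usr/sbin/othertool" hostname=? addr=? terminal=pts/0 res=success'
"""

HEADER = re.compile(r"^type=(\S+) msg=audit\((\d+)\.(\d+):(\d+)\): (.*)$")
FIELD = re.compile(r'(\w+)=("[^"]*"|\S+)')

def parse_record(line):
    """Split one audit.log line into type, timestamp, serial and key=value fields."""
    m = HEADER.match(line.strip())
    if not m:
        return None
    rtype, secs, _ms, serial, rest = m.groups()
    outer, sep, inner = rest.partition("msg='")
    fields = {k: v.strip('"') for k, v in FIELD.findall(outer)}
    if sep:  # user-space records carry their payload inside msg='...'
        fields.update((k, v.strip('"')) for k, v in FIELD.findall(inner.rstrip("'")))
    return {"type": rtype, "time": int(secs), "serial": int(serial), **fields}

def hwclock_records(log_text, since=0):
    """Return USYS_CONFIG records written by hwclock at or after `since` (epoch seconds)."""
    hits = []
    for line in log_text.splitlines():
        rec = parse_record(line)
        if (rec and rec["type"] == "USYS_CONFIG"
                and rec.get("exe", "").endswith("/hwclock")
                and rec["time"] >= since):
            hits.append(rec)
    return hits

def audit_check(log_text, since, expect_res):
    """Mimic a test's audit check: pass only if a matching hwclock record exists."""
    return any(r.get("res") == expect_res for r in hwclock_records(log_text, since))

if __name__ == "__main__":
    for r in hwclock_records(SAMPLE_LOG):
        print(r["serial"], r["uid"], r["auid"], r["res"])
```

With a hwclock built without auditing, the log contains no such record and `audit_check` returns False even though the clock operation itself succeeded.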
summary: |
- Add "--with-audit" config option so that the hwclock command creates - audit records when it is used to alter the hardware clock. + [SRU][xenial] Add "--with-audit" config option so that the hwclock + command creates an audit record when the hardware clock is altered. |
summary: |
- [SRU][xenial] Add "--with-audit" config option so that the hwclock - command creates an audit record when the hardware clock is altered. + [SRU][xenial] Enable auditing in util-linux. |
description: | updated |
tags: | added: rls-aa-notfixing |
Changed in util-linux (Debian): | |
status: | Unknown → New |
Changed in util-linux (Ubuntu): | |
status: | New → In Progress |
Changed in util-linux (Ubuntu Xenial): | |
importance: | Undecided → Medium |
Changed in util-linux (Ubuntu): | |
importance: | Undecided → Medium |
Changed in util-linux (Ubuntu Zesty): | |
importance: | Undecided → Medium |
Changed in util-linux (Ubuntu Artful): | |
importance: | Undecided → Medium |
Changed in util-linux (Ubuntu): | |
assignee: | nobody → Joy Latten (j-latten) |
summary: |
- [SRU][xenial] Enable auditing in util-linux. + Enable auditing in util-linux. |
Changed in util-linux (Ubuntu): | |
status: | In Progress → Fix Released |
tags: | added: verification-done-artful |
Changed in util-linux (Debian): | |
status: | New → Fix Released |
build log and tests run: https://launchpad.net/~j-latten/+archive/ubuntu/joyppa/+build/13375821