** Description changed:
+ [IMPACT]
+ hwclock reports incrorect status in audit message
+
+ hwclock calls audit_log_user_message(3) to create an audit entry.
audit_log_user_message(3) result 1 is "success" and 0 is
"failed", hwclock use standard EXIT_{SUCCESS,FAILURE} macros with reverse
- status. Thus reports status incorrectly in audit message. This has been fixed
upstream in
https://github.com/karelzak/util-linux/commit/189edf1fe501ea39b35911337eab1740888fae7a
+ status. Thus reports it's status incorrectly in audit message.
+
+ It is a requirement for Common Criteria Certification that hwclock
+ reports correct status in audit message.
+
+ This has been fixed upstream in https://github.com/karelzak/util-
+ linux/commit/189edf1fe501ea39b35911337eab1740888fae7a
+
+ [TEST]
+
+ Steps to test:
+ 1. Install auditd
+ 2. Run following testcase,
+
+ # hwclock
+ 2020-03-02 15:03:03.280351+0000
+ # hwclock --set --date "1/1/2000 00:00:00"
+ # echo $?
+ 0
+ # hwclock
+ 2000-01-01 00:00:05.413924+0000
+ # hwclock --utc --systohc
+ # echo $?
+ 0
+ # hwclock
+ 2020-03-02 15:07:00.264331+0000
+
+ Following audit messages from /var/log/audit/audit.log,
+
+ type=USYS_CONFIG msg=audit(1583161562.884:105): pid=2084 uid=0 auid=1000
ses=1 msg='op=change-system-time exe="/sbin/hwclock" hostname=bionic-fips
addr=? terminal=pts/0 res=failed'
+ type=USYS_CONFIG msg=audit(1583161614.497:106): pid=2103 uid=0 auid=1000
ses=1 msg='op=change-system-time exe="/sbin/hwclock" hostname=bionic-fips
addr=? terminal=pts/0 res=failed'
+
+ Note that last entry in each audit record produced when hardware clock
+ was modified has, "res=failed". Although, testcase shows no failure
+ occurred.
+
+ [Regression Potential]
+ There should not be any regression to fix the status given to auditd.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to util-linux in Ubuntu.
https://bugs.launchpad.net/bugs/1865504
Title:
hwclock reports incorrect status in audit message
Status in util-linux package in Ubuntu:
New
Bug description:
[IMPACT]
hwclock reports incrorect status in audit message
hwclock calls audit_log_user_message(3) to create an audit entry.
audit_log_user_message(3) result 1 is "success" and 0 is
"failed", hwclock use standard EXIT_{SUCCESS,FAILURE} macros with reverse
status. Thus reports it's status incorrectly in audit message.
It is a requirement for Common Criteria Certification that hwclock
reports correct status in audit message.
This has been fixed upstream in https://github.com/karelzak/util-
linux/commit/189edf1fe501ea39b35911337eab1740888fae7a
[TEST]
Steps to test:
1. Install auditd
2. Run following testcase,
# hwclock
2020-03-02 15:03:03.280351+0000
# hwclock --set --date "1/1/2000 00:00:00"
# echo $?
0
# hwclock
2000-01-01 00:00:05.413924+0000
# hwclock --utc --systohc
# echo $?
0
# hwclock
2020-03-02 15:07:00.264331+0000
Following audit messages from /var/log/audit/audit.log,
type=USYS_CONFIG msg=audit(1583161562.884:105): pid=2084 uid=0 auid=1000
ses=1 msg='op=change-system-time exe="/sbin/hwclock" hostname=bionic-fips
addr=? terminal=pts/0 res=failed'
type=USYS_CONFIG msg=audit(1583161614.497:106): pid=2103 uid=0 auid=1000
ses=1 msg='op=change-system-time exe="/sbin/hwclock" hostname=bionic-fips
addr=? terminal=pts/0 res=failed'
Note that last entry in each audit record produced when hardware clock
was modified has, "res=failed". Although, testcase shows no failure
occurred.
[Regression Potential]
There should not be any regression to fix the status given to auditd.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/util-linux/+bug/1865504/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
