After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.
Bug 349835 - linux login auditing support
linux login auditing support
Status: RESOLVED FIXED
Product: gdm
Classification: Core
Component: general
unspecified
Other Linux
: Normal enhancement
: ---
Assigned To: GDM maintainers
GDM maintainers
Depends on:
Blocks:
 
 
Reported: 2006-08-03 19:41 UTC by Ray Strode [halfline]
Modified: 2007-06-04 14:38 UTC
See Also:
GNOME target: ---
GNOME version: ---

Attachments
linux login auditing support (5.52 KB, patch)
2006-08-03 19:41 UTC, Ray Strode [halfline] 		needs-work Details | Review
empty out the function (1.18 KB, patch)
2007-03-07 14:08 UTC, Ray Strode [halfline] 		accepted-commit_after_freeze Details | Review
patch updated to 2.19.1 (5.67 KB, patch)
2007-05-22 15:56 UTC, Matthias Clasen 		committed Details | Review

Description Ray Strode [halfline] 2006-08-03 19:41:03 UTC 
In fedora/rhel we have a patch add support for using linux audit libs to audit login failures and successes (written by Steve Grubb).

The patch probably isn't ready to be commited upstream because it doesn't integrate well with the existing solaris adt support.

Still i want to get it posted here so it doesn't languish away in the fedora package cvs and when I refactor things I'll post a new patch on this report.
Comment 1 Ray Strode [halfline] 2006-08-03 19:41:36 UTC 
Created attachment 70158 [details] [review]
linux login auditing support
Comment 2 Brian Cameron 2006-08-03 20:13:18 UTC 
Thanks.  The patch looks good to me, although it would be nicer if we abstracted this a bit (if possible) so that Solaris ADT and Linux auditing were handled more generically if possible.  Sounds like you have some ideas about this.
Comment 3 Ray Strode [halfline] 2007-03-06 19:15:49 UTC 
So I haven't had a chance to work on this more, but another issue is gdm_verify_check is causing auditing problems:

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=230401
Comment 4 Brian Cameron 2007-03-07 07:28:07 UTC 
Ray, the comment in gdm_verify_check says:

 * Check that the authentication system is correctly configured.
 * Not very smart, perhaps we should just whack this.

I'd be agreeable to remove this function since it is causing problems on Red Hat, and I don't think the function is very useful.   

If you want to commit a patch that removes this function, go ahead.
Comment 5 Ray Strode [halfline] 2007-03-07 14:08:21 UTC 
Created attachment 84167 [details] [review]
empty out the function

Sure, I guess it will have to wait until after code freeze though.  Adding the trivial patch to this bug report with the right status so that it doesn't drop off my radar.
Comment 6 Matthias Clasen 2007-05-22 15:56:02 UTC 
Created attachment 88619 [details] [review]
patch updated to 2.19.1
Comment 7 Brian Cameron 2007-06-04 04:03:31 UTC 
Ray.  I committed this patch now that we are in the 2.19 development cycle.  Thanks Matthias for updating the patch.

I also removed the gdm_verify_check function as discussed so we don't create the spurious audit record, as we discussed.

You mentioned that it would be nice to better abstract the auditing (ADT and Linux) so that the code is more clean.  If you want to do work on this, that would be appreciated...but we can handle this in a separate bug for code cleanup.
Comment 8 Ray Strode [halfline] 2007-06-04 14:38:02 UTC 
Ah, makes a lot of sense, thanks.

(Sorry for letting this bug linger)
Comment 9 Ray Strode [halfline] 2007-06-04 14:38:33 UTC 
(And welcome back from vacation!)