Can you see if this bug also affects the Saucy backport kernel, which will be used in 12.04.4? The .deb is available from:
http://launchpadlibrarian.net/158291468/linux-generic-lts- saucy_3.11.0.15.14_amd64.deb ** Tags added: precise raring -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1158500 Title: auditd fails to add rules when used in precise with -lts-quantal kernel Status in “audit” package in Ubuntu: New Status in “linux” package in Ubuntu: Incomplete Bug description: auditctl fails to add rules when run with the -lts-quantal kernel Eample: # auditctl -l No rules # auditctl -a entry,always -F arch=b64 -S execve -k exec Error sending add rule data request (Invalid argument) # Looks like the syscall table needs updating, it works with the 3.2.0 kernel. Tagging this as a security vulnerability because it fails fairly quietly and may lead to high security systems not having required auditing (like PCI compliant systems), I only noticed by looking in /var/log/boot.log. Description: Ubuntu 12.04.2 LTS Release: 12.04 ii auditd 1.7.18-1ubuntu1 User space tools for security auditing ii linux-image-generic-lts-quantal 3.5.0.26.33 Generic Linux kernel image To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/audit/+bug/1158500/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : [email protected] Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
