This bug is missing log files that will aid in diagnosing the problem.
>From a terminal window please run:
apport-collect 1158500
and then change the status of the bug to 'Confirmed'.
If, due to the nature of the issue you have encountered, you are unable
to run this command, please add a comment stating that fact and change
the bug status to 'Confirmed'.
This change has been made by an automated script, maintained by the
Ubuntu Kernel Team.
** Changed in: linux (Ubuntu)
Status: New => Incomplete
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1158500
Title:
auditd fails to add rules when used in precise with -lts-quantal
kernel
Status in “audit” package in Ubuntu:
New
Status in “linux” package in Ubuntu:
Incomplete
Bug description:
auditctl fails to add rules when run with the -lts-quantal kernel
Eample:
# auditctl -l
No rules
# auditctl -a entry,always -F arch=b64 -S execve -k exec
Error sending add rule data request (Invalid argument)
#
Looks like the syscall table needs updating, it works with the 3.2.0
kernel.
Tagging this as a security vulnerability because it fails fairly
quietly and may lead to high security systems not having required
auditing (like PCI compliant systems), I only noticed by looking in
/var/log/boot.log.
Description: Ubuntu 12.04.2 LTS
Release: 12.04
ii auditd 1.7.18-1ubuntu1
User space tools for security auditing
ii linux-image-generic-lts-quantal 3.5.0.26.33
Generic Linux kernel image
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/audit/+bug/1158500/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
