[Touch-packages] [Bug 1158500] Re: auditd fails to add rules when used in precise with -lts-quantal kernel
The Precise Pangolin has reached end of life, so this bug will not be fixed for that release ** Changed in: audit (Ubuntu Precise) Status: Confirmed => Won't Fix -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to audit in Ubuntu. https://bugs.launchpad.net/bugs/1158500 Title: auditd fails to add rules when used in precise with -lts-quantal kernel Status in audit package in Ubuntu: Fix Released Status in linux package in Ubuntu: Invalid Status in audit source package in Precise: Won't Fix Status in linux source package in Precise: Invalid Bug description: auditctl fails to add rules when run with the -lts-quantal kernel Eample: # auditctl -l No rules # auditctl -a entry,always -F arch=b64 -S execve -k exec Error sending add rule data request (Invalid argument) # Looks like the syscall table needs updating, it works with the 3.2.0 kernel. Tagging this as a security vulnerability because it fails fairly quietly and may lead to high security systems not having required auditing (like PCI compliant systems), I only noticed by looking in /var/log/boot.log. Description: Ubuntu 12.04.2 LTS Release: 12.04 ii auditd 1.7.18-1ubuntu1 User space tools for security auditing ii linux-image-generic-lts-quantal3.5.0.26.33 Generic Linux kernel image To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/audit/+bug/1158500/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1158500] Re: auditd fails to add rules when used in precise with -lts-quantal kernel
** Also affects: audit (Ubuntu Precise) Importance: Undecided Status: New ** Also affects: linux (Ubuntu Precise) Importance: Undecided Status: New ** Changed in: linux (Ubuntu Precise) Status: New => Invalid -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to audit in Ubuntu. https://bugs.launchpad.net/bugs/1158500 Title: auditd fails to add rules when used in precise with -lts-quantal kernel Status in audit package in Ubuntu: Fix Released Status in linux package in Ubuntu: Invalid Status in audit source package in Precise: Confirmed Status in linux source package in Precise: Invalid Bug description: auditctl fails to add rules when run with the -lts-quantal kernel Eample: # auditctl -l No rules # auditctl -a entry,always -F arch=b64 -S execve -k exec Error sending add rule data request (Invalid argument) # Looks like the syscall table needs updating, it works with the 3.2.0 kernel. Tagging this as a security vulnerability because it fails fairly quietly and may lead to high security systems not having required auditing (like PCI compliant systems), I only noticed by looking in /var/log/boot.log. Description: Ubuntu 12.04.2 LTS Release: 12.04 ii auditd 1.7.18-1ubuntu1 User space tools for security auditing ii linux-image-generic-lts-quantal3.5.0.26.33 Generic Linux kernel image To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/audit/+bug/1158500/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1158500] Re: auditd fails to add rules when used in precise with -lts-quantal kernel
Status changed to 'Confirmed' because the bug affects multiple users. ** Changed in: audit (Ubuntu Precise) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to audit in Ubuntu. https://bugs.launchpad.net/bugs/1158500 Title: auditd fails to add rules when used in precise with -lts-quantal kernel Status in audit package in Ubuntu: Fix Released Status in linux package in Ubuntu: Invalid Status in audit source package in Precise: Confirmed Status in linux source package in Precise: Invalid Bug description: auditctl fails to add rules when run with the -lts-quantal kernel Eample: # auditctl -l No rules # auditctl -a entry,always -F arch=b64 -S execve -k exec Error sending add rule data request (Invalid argument) # Looks like the syscall table needs updating, it works with the 3.2.0 kernel. Tagging this as a security vulnerability because it fails fairly quietly and may lead to high security systems not having required auditing (like PCI compliant systems), I only noticed by looking in /var/log/boot.log. Description: Ubuntu 12.04.2 LTS Release: 12.04 ii auditd 1.7.18-1ubuntu1 User space tools for security auditing ii linux-image-generic-lts-quantal3.5.0.26.33 Generic Linux kernel image To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/audit/+bug/1158500/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1158500] Re: auditd fails to add rules when used in precise with -lts-quantal kernel
** Changed in: audit (Ubuntu Precise) Assignee: (unassigned) => Tyler Hicks (tyhicks) ** Changed in: audit (Ubuntu) Status: In Progress => Fix Released -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to audit in Ubuntu. https://bugs.launchpad.net/bugs/1158500 Title: auditd fails to add rules when used in precise with -lts-quantal kernel Status in audit package in Ubuntu: Fix Released Status in linux package in Ubuntu: Invalid Status in audit source package in Precise: Confirmed Status in linux source package in Precise: Invalid Bug description: auditctl fails to add rules when run with the -lts-quantal kernel Eample: # auditctl -l No rules # auditctl -a entry,always -F arch=b64 -S execve -k exec Error sending add rule data request (Invalid argument) # Looks like the syscall table needs updating, it works with the 3.2.0 kernel. Tagging this as a security vulnerability because it fails fairly quietly and may lead to high security systems not having required auditing (like PCI compliant systems), I only noticed by looking in /var/log/boot.log. Description: Ubuntu 12.04.2 LTS Release: 12.04 ii auditd 1.7.18-1ubuntu1 User space tools for security auditing ii linux-image-generic-lts-quantal3.5.0.26.33 Generic Linux kernel image To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/audit/+bug/1158500/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1158500] Re: auditd fails to add rules when used in precise with -lts-quantal kernel
Am I missing something or the current workaround is to use exit,always rules? -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to audit in Ubuntu. https://bugs.launchpad.net/bugs/1158500 Title: auditd fails to add rules when used in precise with -lts-quantal kernel Status in audit package in Ubuntu: In Progress Status in linux package in Ubuntu: Invalid Bug description: auditctl fails to add rules when run with the -lts-quantal kernel Eample: # auditctl -l No rules # auditctl -a entry,always -F arch=b64 -S execve -k exec Error sending add rule data request (Invalid argument) # Looks like the syscall table needs updating, it works with the 3.2.0 kernel. Tagging this as a security vulnerability because it fails fairly quietly and may lead to high security systems not having required auditing (like PCI compliant systems), I only noticed by looking in /var/log/boot.log. Description: Ubuntu 12.04.2 LTS Release: 12.04 ii auditd 1.7.18-1ubuntu1 User space tools for security auditing ii linux-image-generic-lts-quantal3.5.0.26.33 Generic Linux kernel image To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/audit/+bug/1158500/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1158500] Re: auditd fails to add rules when used in precise with -lts-quantal kernel
any news ? -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to audit in Ubuntu. https://bugs.launchpad.net/bugs/1158500 Title: auditd fails to add rules when used in precise with -lts-quantal kernel Status in audit package in Ubuntu: In Progress Status in linux package in Ubuntu: Invalid Bug description: auditctl fails to add rules when run with the -lts-quantal kernel Eample: # auditctl -l No rules # auditctl -a entry,always -F arch=b64 -S execve -k exec Error sending add rule data request (Invalid argument) # Looks like the syscall table needs updating, it works with the 3.2.0 kernel. Tagging this as a security vulnerability because it fails fairly quietly and may lead to high security systems not having required auditing (like PCI compliant systems), I only noticed by looking in /var/log/boot.log. Description: Ubuntu 12.04.2 LTS Release: 12.04 ii auditd 1.7.18-1ubuntu1 User space tools for security auditing ii linux-image-generic-lts-quantal3.5.0.26.33 Generic Linux kernel image To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/audit/+bug/1158500/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1158500] Re: auditd fails to add rules when used in precise with -lts-quantal kernel
We are being impacted too. Running ubuntu 12.04 with auditd 1.7.18-1ubuntu1 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to audit in Ubuntu. https://bugs.launchpad.net/bugs/1158500 Title: auditd fails to add rules when used in precise with -lts-quantal kernel Status in audit package in Ubuntu: In Progress Status in linux package in Ubuntu: Invalid Bug description: auditctl fails to add rules when run with the -lts-quantal kernel Eample: # auditctl -l No rules # auditctl -a entry,always -F arch=b64 -S execve -k exec Error sending add rule data request (Invalid argument) # Looks like the syscall table needs updating, it works with the 3.2.0 kernel. Tagging this as a security vulnerability because it fails fairly quietly and may lead to high security systems not having required auditing (like PCI compliant systems), I only noticed by looking in /var/log/boot.log. Description: Ubuntu 12.04.2 LTS Release: 12.04 ii auditd 1.7.18-1ubuntu1 User space tools for security auditing ii linux-image-generic-lts-quantal3.5.0.26.33 Generic Linux kernel image To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/audit/+bug/1158500/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1158500] Re: auditd fails to add rules when used in precise with -lts-quantal kernel
We really need to have auditd working ! More than annoying I find this bug quite critical given it renders auditd almost useless. = so true, it's quite amazing for a LTS/stable branch... Please do something :-) -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to audit in Ubuntu. https://bugs.launchpad.net/bugs/1158500 Title: auditd fails to add rules when used in precise with -lts-quantal kernel Status in audit package in Ubuntu: In Progress Status in linux package in Ubuntu: Invalid Bug description: auditctl fails to add rules when run with the -lts-quantal kernel Eample: # auditctl -l No rules # auditctl -a entry,always -F arch=b64 -S execve -k exec Error sending add rule data request (Invalid argument) # Looks like the syscall table needs updating, it works with the 3.2.0 kernel. Tagging this as a security vulnerability because it fails fairly quietly and may lead to high security systems not having required auditing (like PCI compliant systems), I only noticed by looking in /var/log/boot.log. Description: Ubuntu 12.04.2 LTS Release: 12.04 ii auditd 1.7.18-1ubuntu1 User space tools for security auditing ii linux-image-generic-lts-quantal3.5.0.26.33 Generic Linux kernel image To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/audit/+bug/1158500/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1158500] Re: auditd fails to add rules when used in precise with -lts-quantal kernel
hello, Any news on this? It's when you really need it that you realize auditd no longer works for some time already. More than annoying I find this bug quite critical given it renders auditd almost useless. I'm no developper, but is the change difficult to backport? What are we missing? time/man power? Help greatly appreciated, Thanks. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to audit in Ubuntu. https://bugs.launchpad.net/bugs/1158500 Title: auditd fails to add rules when used in precise with -lts-quantal kernel Status in audit package in Ubuntu: In Progress Status in linux package in Ubuntu: Invalid Bug description: auditctl fails to add rules when run with the -lts-quantal kernel Eample: # auditctl -l No rules # auditctl -a entry,always -F arch=b64 -S execve -k exec Error sending add rule data request (Invalid argument) # Looks like the syscall table needs updating, it works with the 3.2.0 kernel. Tagging this as a security vulnerability because it fails fairly quietly and may lead to high security systems not having required auditing (like PCI compliant systems), I only noticed by looking in /var/log/boot.log. Description: Ubuntu 12.04.2 LTS Release: 12.04 ii auditd 1.7.18-1ubuntu1 User space tools for security auditing ii linux-image-generic-lts-quantal3.5.0.26.33 Generic Linux kernel image To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/audit/+bug/1158500/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1158500] Re: auditd fails to add rules when used in precise with -lts-quantal kernel
Just noticed, that [1] is most likely a duplicate of this. [1] https://bugs.launchpad.net/ubuntu/+source/audit/+bug/1317188 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to audit in Ubuntu. https://bugs.launchpad.net/bugs/1158500 Title: auditd fails to add rules when used in precise with -lts-quantal kernel Status in “audit” package in Ubuntu: In Progress Status in “linux” package in Ubuntu: Invalid Bug description: auditctl fails to add rules when run with the -lts-quantal kernel Eample: # auditctl -l No rules # auditctl -a entry,always -F arch=b64 -S execve -k exec Error sending add rule data request (Invalid argument) # Looks like the syscall table needs updating, it works with the 3.2.0 kernel. Tagging this as a security vulnerability because it fails fairly quietly and may lead to high security systems not having required auditing (like PCI compliant systems), I only noticed by looking in /var/log/boot.log. Description: Ubuntu 12.04.2 LTS Release: 12.04 ii auditd 1.7.18-1ubuntu1 User space tools for security auditing ii linux-image-generic-lts-quantal3.5.0.26.33 Generic Linux kernel image To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/audit/+bug/1158500/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
