[Touch-packages] [Bug 1722313] Re: [SRU][xenial] Enable auditing in util-linux.
** Summary changed:

- [SRU][xenial] Add "--with-audit" config option so that the hwclock command creates an audit record when the hardware clock is altered.
+ [SRU][xenial] Enable auditing in util-linux.

--
You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to util-linux in Ubuntu.
https://bugs.launchpad.net/bugs/1722313

Title: [SRU][xenial] Enable auditing in util-linux.

Status in util-linux package in Ubuntu: New
Status in util-linux source package in Xenial: New
Status in util-linux source package in Zesty: New
Status in util-linux source package in Artful: New
Status in util-linux package in Debian: Unknown

Bug description:

[IMPACT]
There is a requirement for Common Criteria EAL2 certification that changes to the system's hardware clock be audited/monitored. In Ubuntu the hwclock command can be used to alter the system's hardware clock. Thus this event needs to be audited for EAL2. The hwclock command within util-linux has the ability to create an audit event when the system's hardware clock is altered, but this ability is enabled via the --with-audit config option. This option is currently not enabled.

Only the hwclock and the login commands within util-linux package use this --with-audit config option to enable auditing. However, it appears the login command is not built nor shipped in util-linux. Ubuntu uses the login command from shadow instead. Thus, only hwclock command would be affected by this change. The change would enable (1) call to audit_open to create a netlink socket descriptor. (2) generate an audit entry when system hardware clock altered. The entry will be logged into the /var/log/audit/audit.log IF auditd is installed and running.

[TEST]
This has been tested on both P8 and amd64 architectures. With the patch all the Common Criteria testcases pass for hwclock. Before this patch, the functional part of the testcase passed, but the check for the triggered audit records would fail. Attached the Common Criteria testcase below.

Also, the util-linux package has testcases that get run during the build. All of these pass. Pointer to build log below.

[REGRESSION POTENTIAL]
The regression potential for this should be small. This change does not take away from any current functionality. It just adds the ability to generate an audit entry when system hardware clock is altered.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/util-linux/+bug/1722313/+subscriptions

--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
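The check described under [TEST], that a record shows up in audit.log after hwclock alters the hardware clock, can be sketched as below. This is an added example, not the Common Criteria testcase attached to the bug: the record type USYS_CONFIG, the raw audit.log line layout and every sample line are assumptions constructed for illustration, since the report itself shows no record.

```python
import os
import re
from typing import Dict, Iterable, List, NamedTuple, Optional

# Assumed raw audit.log layout for user-space records:
#   type=<TYPE> msg=audit(<sec>.<ms>:<serial>): k=v ... msg='k=v ... res=<result>'
HEADER = re.compile(
    r"^type=(?P<type>\S+) msg=audit\((?P<ts>\d+\.\d+):(?P<serial>\d+)\): (?P<body>.*)$"
)
INNER = re.compile(r"msg='(?P<inner>.*)'\s*$")
KEY_VALUE = re.compile(r'(\w+)=("[^"]*"|\S+)')

# Constructed sample lines (not taken from the bug report or from a real host).
SAMPLE_LOG = """\
type=USYS_CONFIG msg=audit(1507561234.123:456): pid=2211 uid=0 auid=1000 ses=3 msg='op=change-system-time exe="/sbin/hwclock" hostname=? addr=? terminal=pts/0 res=success'
type=USER_LOGIN msg=audit(1507561240.000:457): pid=2300 uid=0 auid=1000 ses=4 msg='op=login exe="/bin/login" hostname=? addr=? terminal=tty1 res=success'
type=USYS_CONFIG msg=audit(1507561300.250:460): pid=2410 uid=0 auid=1000 ses=3 msg='op=change-system-time exe="/sbin/hwclock" hostname=? addr=? terminal=pts/0 res=failed'
this line is truncated and has no audit header
""".splitlines()


class AuditRecord(NamedTuple):
    type: str
    timestamp: float
    serial: int
    fields: Dict[str, str]


def parse_line(line: str) -> Optional[AuditRecord]:
    """Parse one raw audit.log line; return None for anything malformed."""
    header = HEADER.match(line.strip())
    if header is None:
        return None
    body = header.group("body")
    inner = INNER.search(body)
    outer_text = body[: inner.start()] if inner else body
    inner_text = inner.group("inner") if inner else ""
    fields: Dict[str, str] = {}
    # Free text without '=' is skipped, so the wording of the message
    # itself is never relied on.
    for text in (outer_text, inner_text):
        for key, value in KEY_VALUE.findall(text):
            fields[key] = value.strip('"')
    return AuditRecord(
        type=header.group("type"),
        timestamp=float(header.group("ts")),
        serial=int(header.group("serial")),
        fields=fields,
    )


def hwclock_changes(lines: Iterable[str], since: float = 0.0) -> List[AuditRecord]:
    """Return USYS_CONFIG records written by an executable named hwclock."""
    matches = []
    for line in lines:
        record = parse_line(line)
        if record is None or record.type != "USYS_CONFIG":
            continue
        if os.path.basename(record.fields.get("exe", "")) != "hwclock":
            continue
        if record.timestamp < since:
            continue  # stale record from before the test step started
        matches.append(record)
    return matches


def clock_change_audited(
    lines: Iterable[str], started_at: float, expect_success: bool = True
) -> bool:
    """True if hwclock left a record with the expected result after started_at.

    An empty result is what the report describes for a build without
    --with-audit, or for a host where auditd is not running.
    """
    wanted = "success" if expect_success else "failed"
    return any(
        record.fields.get("res") == wanted
        for record in hwclock_changes(lines, since=started_at)
    )
```

Recording the time just before the clock is set and passing it as `started_at` keeps an older record from satisfying the check.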
[Touch-packages] [Bug 1722313] Re: [SRU][xenial] Enable auditing in util-linux.
** Description changed: [IMPACT] - There is a requirement for Common Criteria EAL2 certification that changes to the system's hardware clock be audited/monitored. In Ubuntu the hwclock command can be used to alter the system's hardware clock. Thus this event needs to be audited for EAL2. The hwclock command within util-linux has the ability to create an audit event when the system's hardware clock is altered, but this ability is enabled via the --with-audit config option. This option is currently not enabled. + Enable auditing in util-linux. The config option, --with-audit enables auditing. + + Only the hwclock and the login commands within util-linux package have source code for auditing. But that source code is disabled by default and requires the config option, --with-audit to enable it. The login command is not built nor shipped in util-linux. Ubuntu uses the login command from shadow instead. Thus, only hwclock command would be affected by this change. - Only the hwclock and the login commands within util-linux package use - this --with-audit config option to enable auditing. However, it appears - the login command is not built nor shipped in util-linux. Ubuntu uses - the login command from shadow instead. Thus, only hwclock command would - be affected by this change. The change would enable (1) call to - audit_open to create a netlink socket descritor. (2) generate an audit - entry when system hardware clock altered. The entry will be logged into - the /var/log/audit/audit.log IF auditd is installed and running. + The change would enable the hwclock command to generate an audit log + message to /var/log/audit/audit.log whenever it changes the hardware + clock. This message will only get logged if auditd daemon is running. + Otherwise, nothing gets logged. + + That the hwclock generates an audit message when hardware clock is + changed is a requirement for Common Criteria EAL2 certification for + Xenial. 
[TEST] This has been tested on both P8 and amd64 architectures. With the patch all the Common Criteria testcases pass for hwclock. Before this patch, the functional part of the testcase passed, but the check for the triggered audit records would fail. Attached the Common Criteria testcase below. Also, the util-linux package has testcases that get run during the build. All of these pass. Pointer to build log below. [REGRESSION POTENTIAL] The regression potential for this should be small. This change does not take away from any current functionality. It just adds the ability to generate an audit entry when system hardware clock is altered.

Bug description:

[IMPACT]
Enable auditing in util-linux. The config option, --with-audit enables auditing.

Only the hwclock and the login commands within util-linux package have source code for auditing. But that source code is disabled by default and requires the config option, --with-audit to enable it. The login command is not built nor shipped in util-linux. Ubuntu uses the login command from shadow instead. Thus, only hwclock command would be affected by this change.

The change would enable the hwclock command to generate an audit log message to /var/log/audit/audit.log whenever it changes the hardware clock. This message will only get logged if auditd daemon is running. Otherwise, nothing gets logged.

That the hwclock generates an audit message when hardware clock is changed is a requirement for Common Criteria EAL2 certification for Xenial.

[TEST]
This has been tested on both P8 and amd64 architectures. With the patch all the Common Criteria testcases pass for hwclock. Before this patch, the functional part of the testcase passed, but the check for the triggered audit records would fail. Attached the Common Criteria testcase below.

Also, the util-linux package has testcases that get run during the build. All of these pass. Pointer to build log below.

[REGRESSION POTENTIAL]
The regression potential for this should be small. This change does not take away from any current functionality. It just adds the ability to generate an audit entry when system hardware clock is altered.
[Touch-packages] [Bug 1722313] Re: [SRU][xenial] Enable auditing in util-linux.
** Tags added: rls-aa-notfixing
[Touch-packages] [Bug 1722313] Re: [SRU][xenial] Enable auditing in util-linux.
** Changed in: util-linux (Debian)
   Status: Unknown => New
[Touch-packages] [Bug 1722313] Re: [SRU][xenial] Enable auditing in util-linux.
** Attachment removed: "debdiff of version 3.3 and 3.4~joyppa2"
   https://bugs.launchpad.net/debian/+source/util-linux/+bug/1722313/+attachment/4966026/+files/debdiff.out
[Touch-packages] [Bug 1722313] Re: [SRU][xenial] Enable auditing in util-linux.
** Attachment added: "debdiff.xenial"
   https://bugs.launchpad.net/debian/+source/util-linux/+bug/1722313/+attachment/5006617/+files/debdiff.xenial
[Touch-packages] [Bug 1722313] Re: [SRU][xenial] Enable auditing in util-linux.
** Attachment added: "debdiff.artful"
   https://bugs.launchpad.net/debian/+source/util-linux/+bug/1722313/+attachment/5006620/+files/debdiff.artful
[Touch-packages] [Bug 1722313] Re: [SRU][xenial] Enable auditing in util-linux.
** Attachment added: "debdiff.zesty"
   https://bugs.launchpad.net/debian/+source/util-linux/+bug/1722313/+attachment/5006619/+files/debdiff.zesty
[Touch-packages] [Bug 1722313] Re: [SRU][xenial] Enable auditing in util-linux.
Build logs and test runs can be found in PPA at, https://launchpad.net/~j-latten/+archive/ubuntu/joyppa/+packages

Please note, the versioning of the packages are incorrect in PPA, my apologies. I did them correctly in the debdiff for each release that I have attached.

Comment #3 just contains the testcase I use to verify that the audit entry is created when the config option is enabled.
[Touch-packages] [Bug 1722313] Re: [SRU][xenial] Enable auditing in util-linux.
** Changed in: util-linux (Ubuntu)
   Status: New => In Progress
[Touch-packages] [Bug 1722313] Re: [SRU][xenial] Enable auditing in util-linux.
** Changed in: util-linux (Ubuntu Xenial)
   Importance: Undecided => Medium

** Changed in: util-linux (Ubuntu)
   Importance: Undecided => Medium

** Changed in: util-linux (Ubuntu Zesty)
   Importance: Undecided => Medium

** Changed in: util-linux (Ubuntu Artful)
   Importance: Undecided => Medium
[Touch-packages] [Bug 1722313] Re: [SRU][xenial] Enable auditing in util-linux.
** Attachment added: "debdiff.bionic"
   https://bugs.launchpad.net/debian/+source/util-linux/+bug/1722313/+attachment/5006681/+files/debdiff.bionic
[Touch-packages] [Bug 1722313] Re: [SRU][xenial] Enable auditing in util-linux.
** Changed in: util-linux (Ubuntu)
     Assignee: (unassigned) => Joy Latten (j-latten)
[Touch-packages] [Bug 1722313] Re: [SRU][xenial] Enable auditing in util-linux.
I have also submitted a patch against recent debian version of this package to Debian.

Just in case, I also noted in the debian bug thread the following:
- util-linux package is Priority: required and the libaudit1 package is Priority: optional. Possibly this is no longer a problem in reference to a change in Version 4.0.1 listed here, https://www.debian.org/doc/packaging-manuals/upgrading-checklist.txt