Summary: | sys-process/audit uses alias from /etc/hosts in constructing Kerberos principal | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Tully Gray <shadowdaemon> |
Component: | Current packages | Assignee: | SE Linux Bugs <selinux> |
Status: | UNCONFIRMED --- | ||
Severity: | minor | CC: | robbat2 |
Priority: | Low | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- |
Description
Tully Gray
2012-07-04 03:28:57 UTC
I fixed it by hacking the sources. I can create a patch, but I don't think upstream will accept it. I might raise the issue on the Linux audit mailing list. Their IRC channel (#audit on Freenode) is dead. After more testing (and sleep) I found that the order of host resolution (hosts, bind) has no effect on the principal generation. The file "audisp-remote.c" appears to contain the code which constructs the principal and only "gethostname" is used here. After adding in a call to "getdomainname" I was able to generate a more aethestically pleasing Kerberos principal. Patches welcome. |