Bug 449990

Summary:	sys-process/audit - init script doesn't handle /var/lock on tmpfs properly
Product:	Gentoo Linux	Reporter:	Coacher <itumaykin+gentoo>
Component:	[OLD] Core system	Assignee:	Robin Johnson <robbat2>
Status:	RESOLVED FIXED
Severity:	normal	CC:	Dessa, pageexec, perfinion, toralf, travisghansen, uwe
Priority:	Normal
Version:	unspecified
Hardware:	All
OS:	Linux
Whiteboard:
Package list:		Runtime testing required:	---
Bug Depends on:
Bug Blocks:	332633
Attachments:	auditd initscript proposed patch auditd-init.d-2.1.3.patch

Description Coacher 2013-01-03 12:15:50 UTC

Since /var/lock on tmpfs and has no precreated /var/lock/subsys/ dir auditd initscript fails to do proper locking because it is trying to touch files in /var/lock/subsys/ dir. The simpliest solution is to touch files in /var/lock dir directly, see the patch attached.

Reproducible: Always

Comment 1 Coacher 2013-01-03 12:16:41 UTC

Created attachment 334178 [details, diff]
auditd initscript proposed patch

Comment 2 Uwe Sauter 2013-09-05 18:16:22 UTC

I can confirm that behavior. The question is what the author of the original init script intended with the subdirectory and if the init script shouldn't just create that directory.

Comment 3 Jeroen Roovers (RETIRED) gentoo-dev

2014-09-04 09:19:31 UTC

*** Bug 521806 has been marked as a duplicate of this bug. ***

Comment 4 Coacher 2014-10-30 23:08:14 UTC

The patch is there, the fix is trivial. How come it is still not in tree? Ping?..

Comment 5 Coacher 2015-07-29 15:23:30 UTC

Created attachment 407922 [details, diff]
auditd-init.d-2.1.3.patch

audit-2.4.3 ebuild supports epatch_user functionality, which makes avoiding this bug easier for users. I've slightly update my patch if anyone is interested.

Comment 6 Coacher 2015-07-29 15:43:46 UTC

(In reply to Coacher from comment #5)
> audit-2.4.3 ebuild supports epatch_user functionality, which makes avoiding
> this bug easier for users.

My mistake: epatch_user works with sources, not files included from tree.

Comment 7 Jason Zaman gentoo-dev

2015-08-01 08:52:15 UTC

What is even the point of the lock file? According to the redhat init script[1] it looks like a way for it to know if it is started or not. But openrc already knows so is it even needed?

1: https://fedorahosted.org/audit/browser/trunk/init.d/auditd.init

Comment 8 Coacher 2015-08-08 21:25:08 UTC

(In reply to Jason Zaman from comment #7)
> What is even the point of the lock file? According to the redhat init
> script[1] it looks like a way for it to know if it is started or not. But
> openrc already knows so is it even needed?
> 
> 1: https://fedorahosted.org/audit/browser/trunk/init.d/auditd.init

I can confirm that without any lock file creation/deletion auditd starts, stops and functions normally on my hardened-amd64 machine. I guess Robin knows why this lock file was introduced in the first place.

Comment 9 Jason Zaman gentoo-dev

2015-08-18 04:30:50 UTC

commit 7b1821119f093af1396b20cfd26c24188d5936f1
Author: Jason Zaman <perfinion@gentoo.org>
Date:   Tue Aug 18 12:27:33 2015 +0800

    sys-process/audit: Remove lock from init script
    
    The lock in the init script was only needed in Redhat. OpenRC keeps track of if
    the process is started so not required.  Also fix perms on the systemd unit.
    
    Gentoo-Bug: https://bugs.gentoo.org/556436
    Gentoo-Bug: https://bugs.gentoo.org/449990
    
    Package-Manager: portage-2.2.20.1

Comment 10 Coacher 2015-08-19 04:32:02 UTC

(In reply to Jason Zaman from comment #9)
> commit 7b1821119f093af1396b20cfd26c24188d5936f1
> Author: Jason Zaman <perfinion@gentoo.org>
> Date:   Tue Aug 18 12:27:33 2015 +0800
> 
>     sys-process/audit: Remove lock from init script
>     
>     The lock in the init script was only needed in Redhat. OpenRC keeps
> track of if
>     the process is started so not required.  Also fix perms on the systemd
> unit.
>     
>     Gentoo-Bug: https://bugs.gentoo.org/556436
>     Gentoo-Bug: https://bugs.gentoo.org/449990
>     
>     Package-Manager: portage-2.2.20.1

Many thanks, Jason!