Since /var/lock is on tmpfs and has no precreated /var/lock/subsys/ dir, the auditd initscript fails to do proper locking because it is trying to touch files in the /var/lock/subsys/ dir. The simplest solution is to touch files in the /var/lock dir directly; see the attached patch.
Reproducible: Always
Created attachment 334178: auditd initscript proposed patch
I can confirm that behavior. The question is what the author of the original init script intended with the subdirectory and if the init script shouldn't just create that directory.
*** Bug 521806 has been marked as a duplicate of this bug. ***
The patch is there, the fix is trivial. How come it is still not in tree? Ping?..
Created attachment 407922: auditd-init.d-2.1.3.patch
audit-2.4.3 ebuild supports epatch_user functionality, which makes avoiding this bug easier for users. I've slightly updated my patch if anyone is interested.
(In reply to Coacher from comment #5)
> audit-2.4.3 ebuild supports epatch_user functionality, which makes avoiding
> this bug easier for users.

My mistake: epatch_user works with sources, not files included from tree.
What is even the point of the lock file? According to the redhat init script[1] it looks like a way for it to know if it is started or not. But openrc already knows so is it even needed?

1: https://fedorahosted.org/audit/browser/trunk/init.d/auditd.init
(In reply to Jason Zaman from comment #7)
> What is even the point of the lock file? According to the redhat init
> script[1] it looks like a way for it to know if it is started or not. But
> openrc already knows so is it even needed?
>
> 1: https://fedorahosted.org/audit/browser/trunk/init.d/auditd.init

I can confirm that without any lock file creation/deletion auditd starts, stops and functions normally on my hardened-amd64 machine. I guess Robin knows why this lock file was introduced in the first place.
commit 7b1821119f093af1396b20cfd26c24188d5936f1
Author: Jason Zaman <perfinion@gentoo.org>
Date: Tue Aug 18 12:27:33 2015 +0800

    sys-process/audit: Remove lock from init script

    The lock in the init script was only needed in Redhat. OpenRC keeps track of if
    the process is started so not required. Also fix perms on the systemd unit.

    Gentoo-Bug: https://bugs.gentoo.org/556436
    Gentoo-Bug: https://bugs.gentoo.org/449990

    Package-Manager: portage-2.2.20.1
(In reply to Jason Zaman from comment #9)
> commit 7b1821119f093af1396b20cfd26c24188d5936f1
> Author: Jason Zaman <perfinion@gentoo.org>
> Date: Tue Aug 18 12:27:33 2015 +0800
>
> sys-process/audit: Remove lock from init script
>
> The lock in the init script was only needed in Redhat. OpenRC keeps track of if
> the process is started so not required. Also fix perms on the systemd unit.
>
> Gentoo-Bug: https://bugs.gentoo.org/556436
> Gentoo-Bug: https://bugs.gentoo.org/449990
>
> Package-Manager: portage-2.2.20.1

Many thanks, Jason!