Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 449990 - sys-process/audit - init script doesn't handle /var/lock on tmpfs properly
Summary: sys-process/audit - init script doesn't handle /var/lock on tmpfs properly
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: [OLD] Core system (show other bugs)
Hardware: All Linux
: Normal normal with 1 vote (vote)
Assignee: Robin Johnson
URL:
Whiteboard:
Keywords:
: 521806 (view as bug list)
Depends on:
Blocks: keepdir-var-run_lock
  Show dependency tree
 
Reported: 2013-01-03 12:15 UTC by Coacher
Modified: 2015-08-19 04:32 UTC (History)
6 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments
auditd initscript proposed patch (123,736 bytes, patch)
2013-01-03 12:16 UTC, Coacher
Details | Diff
auditd-init.d-2.1.3.patch (auditd-init.d-2.1.3.patch,2.90 KB, patch)
2015-07-29 15:23 UTC, Coacher
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Coacher 2013-01-03 12:15:50 UTC
Since /var/lock on tmpfs and has no precreated /var/lock/subsys/ dir auditd initscript fails to do proper locking because it is trying to touch files in /var/lock/subsys/ dir. The simpliest solution is to touch files in /var/lock dir directly, see the patch attached.

Reproducible: Always
Comment 1 Coacher 2013-01-03 12:16:41 UTC
Created attachment 334178 [details, diff]
auditd initscript proposed patch
Comment 2 Uwe Sauter 2013-09-05 18:16:22 UTC
I can confirm that behavior. The question is what the author of the original init script intended with the subdirectory and if the init script shouldn't just create that directory.
Comment 3 Jeroen Roovers (RETIRED) gentoo-dev 2014-09-04 09:19:31 UTC
*** Bug 521806 has been marked as a duplicate of this bug. ***
Comment 4 Coacher 2014-10-30 23:08:14 UTC
The patch is there, the fix is trivial. How come it is still not in tree? Ping?..
Comment 5 Coacher 2015-07-29 15:23:30 UTC
Created attachment 407922 [details, diff]
auditd-init.d-2.1.3.patch

audit-2.4.3 ebuild supports epatch_user functionality, which makes avoiding this bug easier for users. I've slightly update my patch if anyone is interested.
Comment 6 Coacher 2015-07-29 15:43:46 UTC
(In reply to Coacher from comment #5)
> audit-2.4.3 ebuild supports epatch_user functionality, which makes avoiding
> this bug easier for users.

My mistake: epatch_user works with sources, not files included from tree.
Comment 7 Jason Zaman gentoo-dev 2015-08-01 08:52:15 UTC
What is even the point of the lock file? According to the redhat init script[1] it looks like a way for it to know if it is started or not. But openrc already knows so is it even needed?

1: https://fedorahosted.org/audit/browser/trunk/init.d/auditd.init
Comment 8 Coacher 2015-08-08 21:25:08 UTC
(In reply to Jason Zaman from comment #7)
> What is even the point of the lock file? According to the redhat init
> script[1] it looks like a way for it to know if it is started or not. But
> openrc already knows so is it even needed?
> 
> 1: https://fedorahosted.org/audit/browser/trunk/init.d/auditd.init

I can confirm that without any lock file creation/deletion auditd starts, stops and functions normally on my hardened-amd64 machine. I guess Robin knows why this lock file was introduced in the first place.
Comment 9 Jason Zaman gentoo-dev 2015-08-18 04:30:50 UTC
commit 7b1821119f093af1396b20cfd26c24188d5936f1
Author: Jason Zaman <perfinion@gentoo.org>
Date:   Tue Aug 18 12:27:33 2015 +0800

    sys-process/audit: Remove lock from init script
    
    The lock in the init script was only needed in Redhat. OpenRC keeps track of if
    the process is started so not required.  Also fix perms on the systemd unit.
    
    Gentoo-Bug: https://bugs.gentoo.org/556436
    Gentoo-Bug: https://bugs.gentoo.org/449990
    
    Package-Manager: portage-2.2.20.1
Comment 10 Coacher 2015-08-19 04:32:02 UTC
(In reply to Jason Zaman from comment #9)
> commit 7b1821119f093af1396b20cfd26c24188d5936f1
> Author: Jason Zaman <perfinion@gentoo.org>
> Date:   Tue Aug 18 12:27:33 2015 +0800
> 
>     sys-process/audit: Remove lock from init script
>     
>     The lock in the init script was only needed in Redhat. OpenRC keeps
> track of if
>     the process is started so not required.  Also fix perms on the systemd
> unit.
>     
>     Gentoo-Bug: https://bugs.gentoo.org/556436
>     Gentoo-Bug: https://bugs.gentoo.org/449990
>     
>     Package-Manager: portage-2.2.20.1

Many thanks, Jason!