You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
hwclock code uses EXIT_SUCCESS == 0 and EXIT_FAILURE == 1.
hwclock_exit() calls audit_log_user_message() and sometimes uses the exit status from a call as the status it passes to create the audit record.
The audit_log_user_message() manpage states that for the status or result, 1 is "success" and 0 is "failed"
So hwclock sends the opposite of what audit_log_user_message() expects for status.
Although the hwclock command was successful, the audit record's, "res" field has that it failed.
According to audit_log_user_message(3) result 1 is "success" and 0 is
"failed", we use standard EXIT_{SUCCESS,FAILURE} macros with reverse
status.
Addresses: #966
Signed-off-by: Karel Zak <kzak@redhat.com>
According to audit_log_user_message(3) result 1 is "success" and 0 is
"failed", we use standard EXIT_{SUCCESS,FAILURE} macros with reverse
status.
Addresses: #966
Signed-off-by: Karel Zak <kzak@redhat.com>
hwclock code uses EXIT_SUCCESS == 0 and EXIT_FAILURE == 1.
hwclock_exit() calls audit_log_user_message() and sometimes uses the exit status from a call as the status it passes to create the audit record.
The audit_log_user_message() manpage states that for the status or result, 1 is "success" and 0 is "failed"
So hwclock sends the opposite of what audit_log_user_message() expects for status.
Although the hwclock command was successful, the audit record's, "res" field has that it failed.
type=USYS_CONFIG msg=audit(1582729727.515:29021): pid=15698 uid=0 auid=1000 ses=347 msg_1='op=change-system-time exe="/sbin/hwclock" hostname=? addr=? terminal=pts/1 res=failed'
hwclock needs to pass status as understood by audit_log_user_message().
The text was updated successfully, but these errors were encountered: