useradd question
Lenny Bruzenak
lenny at magitekltd.com
Wed May 22 18:23:42 UTC 2019
On 5/22/19 12:34 PM, Steve Grubb wrote:
> I think this is the right fix:
>
> diff -urp shadow-4.6.orig/src/useradd.c shadow-4.6/src/useradd.c
> --- shadow-4.6.orig/src/useradd.c 2019-05-21 08:26:12.533328554 -0400
> +++ shadow-4.6/src/useradd.c 2019-05-22 12:21:46.305293997 -0400
> @@ -1955,9 +1955,14 @@ static void usr_update (void)
> #endif /* ENABLE_SUBIDS */
>
> #ifdef WITH_AUDIT
> + /*
> + * Even though we have the ID of the user, we won't send it now
> + * because its not written to disk yet. After close_files it is
> + * and we can use the real ID thereafter.
> + */
> audit_logger (AUDIT_ADD_USER, Prog,
> "add-user",
> - user_name, (unsigned int) user_id,
> + user_name, AUDIT_NO_ID,
> SHADOW_AUDIT_SUCCESS);
> #endif
> /*
I tested this and it looks good. Thanks Steve, I really appreciate the help.
LCB
--
Lenny Bruzenak
MagitekLTD
More information about the Linux-audit
mailing list