Bug 16599 - "X -audit 0" does still log AUDIT errors, should be suppressed
Summary: "X -audit 0" does still log AUDIT errors, should be suppressed
Status: RESOLVED FIXED
Alias: None
Product: xorg
Classification: Unclassified
Component: Server/General (show other bugs)
Version: 6.8.2
Hardware: All All
: medium normal
Assignee: Xorg Project Team
QA Contact: Xorg Project Team
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2008-07-03 08:00 UTC by Andreas Luik
Modified: 2008-12-16 23:55 UTC (History)
0 users

See Also:
i915 platform:
i915 features:


Attachments
fix audit trail (766 bytes, patch)
2008-12-04 12:55 UTC, francis giraldeau
no flags Details | Splinter Review

Description Andreas Luik 2008-07-03 08:00:51 UTC
According to the Xserver(1) manual page:

       -audit level
               sets  the  audit trail level.  The default level is 1, meaning
               only connection rejections are reported.  [...]
               Level 0 turns off  the  audit
               trail.  Audit lines are sent as standard error output.

This does not work.  Our X Server command line is:
/usr/X11R6/bin/X :0 -audit 0 -s 0 -auth /var/gdm/:0.Xauth vt7
Both the X server log file (/var/log/Xorg.0.log) as well as stderr still show:

AUDIT: Thu Jul  3 16:55:04 2008: 24874 X: client 1 rejected from IP 172.24.1.64

I do not have current source code available, but in an old version, the function
ClientAuthorized() in Xserver/os/connection.c lacked an

    if (auditTrailLevel > 0)

in the "if (InvalidHost(...))" block, and probably it still does ...
Should be easy to fix.
Kind regards,
-- 
Andreas Luik          E-Mail: Andreas.Luik@barco.com
Barco Orthogon GmbH      WWW: http://www.barco-orthogon.com/
Comment 1 francis giraldeau 2008-12-04 12:55:50 UTC
Created attachment 20820 [details] [review]
fix audit trail
Comment 2 francis giraldeau 2008-12-04 12:56:41 UTC
    I confirm this problem. Here is a patch to fix the behavior. It seems that the
    correct behavior is obtained on platform where DTRACE is available, which is
    not the case currently on Linux. Excluding the test to be protected by #define
    resolv the problem, which is really a small fix. 
Comment 3 Timo Aaltonen 2008-12-16 23:55:47 UTC
Committed to master, thanks!


Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.