FS#61920 - [shadow] unwanted dependency on audit

Attached to Project: Arch Linux
Opened by Olivier Brunel (jjacky) - Tuesday, 05 March 2019, 16:08 GMT
Last edited by Levente Polyak (anthraxx) - Wednesday, 03 April 2019, 20:38 GMT
Task Type Bug Report
Category Packages: Core
Status Closed
Assigned To Levente Polyak (anthraxx)
Architecture All
Severity Low
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 0
Private No

Details

Description: Since shadow-4.6-2 it comes with an unwanted dependency on audit
This task depends upon

Closed by  Levente Polyak (anthraxx)
Wednesday, 03 April 2019, 20:38 GMT
Reason for closing:  Not a bug
Additional comments about closing:  marked as explicit dependency in 4.6-3
Comment by Levente Polyak (anthraxx) - Tuesday, 05 March 2019, 16:55 GMT
The problem here is not that it has a unwanted dependency on libaudit.so but that audit is not specified as explicit first level dependency.
shadow should have audit support for audit-logs of system administration relevant changes, which all shadow utils very explicitly are.
Comment by Olivier Brunel (jjacky) - Tuesday, 05 March 2019, 17:22 GMT
Well, you say it "should have" audit support, but that might be a matter of opinion I guess...
Fact is, shadow did not have a dependency on audit up to 4.6-1 and everything was fine (nor was audit support requested). Now during the 4.6-2 rebuild such a dependency was added; I may be wrong but it seems to me this wasn't done on purpose (though forgetting to explicitly add audit to depends) but may have been unwanted (and simply due to audit being present during build process). I guess this might be due to systemd being in base-devel and now depending on audit... which might indeed lead to audit being added as dependency on shadow (or audit support could be disabled)
Comment by Levente Polyak (anthraxx) - Tuesday, 05 March 2019, 17:32 GMT
i never said anything else, it most likely happened by accident by being available and of cause its up to Dave to decide, i just dont consider it "unwanted" :)

It is a very small dependency and by having systemd installed one has it installed anyway.
However the main reason is that it adds very useful functionality in terms of security to provide kernel audit log entries for a very elemental part of the system.

Loading...