From mboxrd@z Thu Jan  1 00:00:00 1970
From: Steve Grubb <sgrubb@redhat.com>
Subject: Re: libauparse exporting clear_config()
Date: Mon, 14 Apr 2014 08:06:33 -0400
Message-ID: <1966211.j87hqI7kLn@x2>
References: <20140410090611.1ec70e97@fornost.bigon.be> <1608421.DSTyeOvgW3@x2>
	<20140412144638.3bba8e69@fornost.bigon.be>
Mime-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Return-path: <linux-audit-bounces@redhat.com>
In-Reply-To: <20140412144638.3bba8e69@fornost.bigon.be>
List-Unsubscribe: <https://www.redhat.com/mailman/options/linux-audit>,
	<mailto:linux-audit-request@redhat.com?subject=unsubscribe>
List-Archive: <https://www.redhat.com/archives/linux-audit>
List-Post: <mailto:linux-audit@redhat.com>
List-Help: <mailto:linux-audit-request@redhat.com?subject=help>
List-Subscribe: <https://www.redhat.com/mailman/listinfo/linux-audit>,
	<mailto:linux-audit-request@redhat.com?subject=subscribe>
Sender: linux-audit-bounces@redhat.com
Errors-To: linux-audit-bounces@redhat.com
To: Laurent Bigonville <bigon@debian.org>
Cc: linux-audit@redhat.com
List-Id: linux-audit@redhat.com

On Saturday, April 12, 2014 02:46:38 PM Laurent Bigonville wrote:
> Le Fri, 11 Apr 2014 09:42:50 -0400,
> =

> Steve Grubb <sgrubb@redhat.com> a =E9crit :
> > On Friday, April 11, 2014 08:54:37 AM Laurent Bigonville wrote:
> > > Le Thu, 10 Apr 2014 07:25:42 -0400,
> > > =

> > > Steve Grubb <sgrubb@redhat.com> a =E9crit :
> > > > On Thursday, April 10, 2014 09:06:11 AM Laurent Bigonville wrote:
> > > > > With 2.3.5, libauparse is exporting a new symbol
> > > > > (clear_config())
> > > > > =

> > > > > It seems that all the other symbols are prefixed with either
> > > > > auparse_ or audit_, so is this expected?
> > > > =

> > > > No, this was not expected. It should be an internal use only
> > > > function. Is this causing any symbol collision in a known program?
> > > =

> > > Searching[0] quickly in the code that is present in the debian
> > > archive, I see that at least lxc has the same function name, but I
> > > didn't encounter collision myself.
> > =

> > Thanks for checking this. I don't think lxr would be using auparse,
> > so I think we are safe. That said, the fix is to add the following:
> > =

> > void clear_config(struct daemon_conf *config) hidden;
> > =

> > to auparse/internal.h and then recompile. It's already in svn and
> > will be in the next release, which should be in the next week or so.
> =

> Thanks!
> =

> Something else somehow related, I just received a bugreport about the
> load_config() function being declared in both auditd core and the
> prelude plugin https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=3D744282

Something seems wrong with that report. the prelude plugin and auditd are t=
wo =

entirely different programs. But looking deeper, I wonder if what they mean=
t =

was that the prelude plugin links with auparse which uses the visibility =

settings to hide a load_config function from the ABI?

-Steve