search

linux-audit / audit-kernel

GitHub mirror of the Linux Kernel's audit repository
https://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/audit.git
Other
137 stars 36 forks source link

Q: elogind stops incrementing session ID after some uptime #142

Closed opty77 closed 1 year ago

opty77 commented 1 year ago

elogind stops incrementing session ID after some uptime

elogind or audit login session ID bug?

pcmoore commented 1 year ago

The audit session ID is incremented whenever a valid UID is successfully written to "/proc/self/loginuid", see audit_set_loginuid() and proc_loginuid_write() in the Linux Kernel sources for more information. Generally this is handled at login via the "pam_loginuid" PAM module, I suggest you start there to figure out what might be going wrong as the kernel code hasn't changed in some time and there are no widespread reports of breakages.

opty77 commented 1 year ago

Update

pcmoore commented 1 year ago

It's generally considered a good idea to copy the relevant information into the GH issue. You can still provide a link to the external source, but it's helpful if all of the relevant information is contained within the GH issue itself.

Looking quickly at the external issue, it looks like this issue has been resolved as a configuration issue so I'm going to close this out. If you believe this is still an issue with the kernel please feel free to re-open the issue or leave an additional comment and I can re-open it.

opty77 commented 1 year ago

Sorry, I didn't want to duplicate but I will try to keep it in mind next time (if any).

For now it really seems like an elogind issue, thanks for your patience.