Add hack to workaround "audit_log_user_command(): Connection refused" from sudo.

diff --git a/kernel-2.6.spec b/kernel-2.6.spec
index 606cd11..ccb94c4 100644 (file)
--- a/kernel-2.6.spec
+++ b/kernel-2.6.spec
@@ -172,6 +172,7 @@ Patch580: linux-2.6-580-show-proc-virt.patch
 Patch590: linux-2.6-590-chopstix-intern.patch
 Patch620: linux-2.6-620-kdb.patch
 Patch630: linux-2.6-630-sched-fix.patch
+Patch640: linux-2.6-640-netlink-audit-hack.patch
 
 # See also the file named 'sources' here for the related checksums
 # NOTE. iwlwifi should be in-kernel starting from 2.6.24

diff --git a/linux-2.6-640-netlink-audit-hack.patch b/linux-2.6-640-netlink-audit-hack.patch
new file mode 100644 (file)
index 0000000..ad2f1d2
--- /dev/null
+++ b/linux-2.6-640-netlink-audit-hack.patch
@@ -0,0 +1,15 @@
+diff -Nurp linux-2.6.22-630/net/netlink/af_netlink.c linux-2.6.22-640/net/netlink/af_netlink.c
+--- linux-2.6.22-630/net/netlink/af_netlink.c  2008-04-09 18:46:27.000000000 +0200
++++ linux-2.6.22-640/net/netlink/af_netlink.c  2008-05-05 19:20:02.000000000 +0200
+@@ -426,6 +426,11 @@ static int netlink_create(struct socket 
+       if (protocol<0 || protocol >= MAX_LINKS)
+               return -EPROTONOSUPPORT;
+ 
++#ifndef CONFIG_AUDIT
++      if (protocol == NETLINK_AUDIT)
++              return -EPROTONOSUPPORT;
++#endif
++
+       netlink_lock_table();
+ #ifdef CONFIG_KMOD
+       if (!nl_table[protocol].registered) {