Hey Mike,
On Wed, 2006-01-18 at 13:49 -0600, Michael C Thompson wrote:
> Hey all,
>
> I'm not sure if anyone else has seen this, or if it's been brought up before (though I think not), but I've discovered a problem with trying to have audit filter on fields with negative values. I suspect this is due to a difference in kernel space and user space, given the results I've seen below, but here are the particulars:
>
> On zSeries and on xSeries, we have noticed that we are incapable (in some situations) of filtering messages when the filter value is negative. On zSeries, this seems to be true for all fields, while on xSeries, it's true if the field is a1,a2,a3.
>
> We have explicitly tested -9 and -1, but I believe this code will extend to all manner of negative values because it seems to be related to the representation of these values in the different architectures (32 v 64). I have not tested it on a 32-bit only platform, if someone has the ability to do that (should take all of 3 minutes) that would probably be useful :)
>
> Below is all of my test information.
>
> Thanks,
> Mike

What kernel are you testing on? I just checked the latest kernel (lspp.6) and this does look like a problem:

	struct audit_field {
		u32 type;
		u32 val;
		u32 op;
	};

We only allow unsigned val(ues). Eek
-tim
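
Added example (not part of the original messages, and not kernel code): a user-space C model of why a negative filter value kept in the u32 val quoted above can fail to match a 64-bit field. The helper names and the three comparison strategies are assumptions for illustration; the thread does not show how the kernel actually compares the field.

```c
#include <stdint.h>
#include <stdio.h>

/* Layout quoted in the reply, written with fixed-width types. */
struct audit_field {
	uint32_t type;
	uint32_t val;
	uint32_t op;
};

/* Hypothetical helper: a rule asking for a negative value can only keep
 * its low 32 bits, because val is unsigned. */
static struct audit_field make_field(int32_t wanted)
{
	struct audit_field f = { 0, (uint32_t)wanted, 0 };
	return f;
}

/* Assumption 1: val is zero-extended before comparing with a 64-bit field. */
static int match_zero_extended(uint64_t field, struct audit_field f)
{
	return field == (uint64_t)f.val;
}

/* Assumption 2: the field is truncated to 32 bits before comparing. */
static int match_truncated(uint64_t field, struct audit_field f)
{
	return (uint32_t)field == f.val;
}

/* Sign-aware comparison: treat val as signed and sign-extend it. */
static int match_sign_extended(uint64_t field, struct audit_field f)
{
	return (int64_t)field == (int64_t)(int32_t)f.val;
}

int main(void)
{
	const int64_t samples[] = { -1, -9, 9 };	/* constructed values */
	for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
		uint64_t field = (uint64_t)samples[i];	/* 64-bit register image */
		struct audit_field f = make_field((int32_t)samples[i]);
		printf("%3lld val=0x%08x zero-ext=%d truncated=%d sign-ext=%d\n",
		       (long long)samples[i], (unsigned)f.val,
		       match_zero_extended(field, f), match_truncated(field, f),
		       match_sign_extended(field, f));
	}
	return 0;
}
```

Under the zero-extension assumption, -1 and -9 never match on a 64-bit field while 9 does. Truncating instead makes them match, but it also matches unrelated values such as 0x1FFFFFFFF for -1, which matters when the rule is meant to be a precise audit filter.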