Bug
Resolution: Unresolved
rhel-8.10
rhel-sst-security-special-projects
ssg_security
Red Hat Enterprise Linux
- when audit is in immutable rule, augenrules will not exit with non-zero rc
x86_64
The augenrules command exits with 1 whenever the audit system has been set to immutable mode via "-e 2". Up until RHEL 8.9 (audit-3.0.7-5.el8.x86_64) it used to exit with 0.
Steps to reproduce
- Set audit in immutable mode by adding "-e 2" as an audit rule.
- # service auditd restart
- Either restart auditd again or run "augenrules --load"
Expected results
augenrules should exit with 0 instead of 1, as with previous versions.
Actual results
augenrules exits with 1, which is considered an error.
This seems to be related to this upstream bug report where it was fixed. If the upstream augenrules script is used, it exits normally:
    [root@r810 sbin]# auditctl -s|grep enabled
    enabled 2
    [root@r810 sbin]# augenrules --load
    /usr/sbin/augenrules: No change
    [root@r810 sbin]# echo $?
    1
    [root@r810 sbin]# ./augenrules.upstream
    ./augenrules.upstream: No change
    ./augenrules.upstream: Audit system is in immutable mode - exiting with no changes
    [root@r810 sbin]# echo $?
    0
    [root@r810 sbin]#
It looks to have started happening with the rebase to audit-3.1.2
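
Added example (not part of the original report and not Red Hat's or upstream's code): a small shell helper that automation can use to tell the immutable-mode exit status described above from a genuine rule-load failure. The function names and the sample status text are assumptions constructed for illustration; only the "enabled 2" field and the augenrules exit codes come from the report.

```shell
#!/bin/sh
# Interpret the exit status of augenrules together with the kernel audit
# "enabled" flag, so a wrapper (cron job, config management, CI check) does
# not treat the immutable-mode case from this report as a failed rule load.

# Print the value of the "enabled" field from `auditctl -s` output on stdin.
audit_enabled_flag() {
    awk '$1 == "enabled" { print $2; exit }'
}

# classify_augenrules RC STATUS_TEXT   (hypothetical helper)
# Prints one of: ok | immutable-no-change | failed
# Returns 0 for the first two, 1 for "failed".
classify_augenrules() {
    rc=$1
    flag=$(printf '%s\n' "$2" | audit_enabled_flag)
    if [ "$rc" -eq 0 ]; then
        echo ok
    elif [ "$flag" = "2" ]; then
        # Rules are locked until reboot ("-e 2"); this is the non-zero
        # status reported above, not a broken rule file.
        echo immutable-no-change
    else
        echo failed
        return 1
    fi
}

# Constructed sample status text (not captured from a real host).
SAMPLE_IMMUTABLE='enabled 2
failure 1
pid 1024'
SAMPLE_MUTABLE='enabled 1
failure 1
pid 1024'

# On a real system (assumption: run as root with the audit tools installed):
#   augenrules --load; rc=$?
#   classify_augenrules "$rc" "$(auditctl -s)"
```

Because rules cannot be reloaded in immutable mode, a wrapper that accepts this case should still compare the on-disk rules with the loaded ones separately if drift matters to it.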