2 * Copyright (c) 2000 Andre Lucas. All rights reserved.
3 * Portions copyright (c) 1998 Todd C. Miller
4 * Portions copyright (c) 1996 Jason Downs
5 * Portions copyright (c) 1996 Theo de Raadt
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
17 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
18 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
19 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
20 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
21 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
22 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
23 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
24 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
25 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
29 * The btmp logging code is derived from login.c from util-linux and is under
30 * the the following license:
32 * Copyright (c) 1980, 1987, 1988 The Regents of the University of California.
33 * All rights reserved.
35 * Redistribution and use in source and binary forms are permitted
36 * provided that the above copyright notice and this paragraph are
37 * duplicated in all such forms and that any documentation,
38 * advertising materials, and other materials related to such
39 * distribution and use acknowledge that the software was developed
40 * by the University of California, Berkeley. The name of the
41 * University may not be used to endorse or promote products derived
42 * from this software without specific prior written permission.
43 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
44 * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
45 * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
50 ** loginrec.c: platform-independent login recording and lastlog retrieval
54 * The new login code explained
55 * ============================
57 * This code attempts to provide a common interface to login recording
58 * (utmp and friends) and last login time retrieval.
60 * Its primary means of achieving this is to use 'struct logininfo', a
61 * union of all the useful fields in the various different types of
62 * system login record structures one finds on UNIX variants.
64 * We depend on autoconf to define which recording methods are to be
65 * used, and which fields are contained in the relevant data structures
66 * on the local system. Many C preprocessor symbols affect which code
69 * The code is designed to make it easy to modify a particular
70 * recording method, without affecting other methods nor requiring so
71 * many nested conditional compilation blocks as were commonplace in
74 * For login recording, we try to use the local system's libraries as
75 * these are clearly most likely to work correctly. For utmp systems
76 * this usually means login() and logout() or setutent() etc., probably
77 * in libutil, along with logwtmp() etc. On these systems, we fall back
78 * to writing the files directly if we have to, though this method
79 * requires very thorough testing so we do not corrupt local auditing
80 * information. These files and their access methods are very system
83 * For utmpx systems, the corresponding library functions are
84 * setutxent() etc. To the author's knowledge, all utmpx systems have
85 * these library functions and so no direct write is attempted. If such
86 * a system exists and needs support, direct analogues of the [uw]tmp
87 * code should suffice.
89 * Retrieving the time of last login ('lastlog') is in some ways even
90 * more problemmatic than login recording. Some systems provide a
91 * simple table of all users which we seek based on uid and retrieve a
92 * relatively standard structure. Others record the same information in
93 * a directory with a separate file, and others don't record the
94 * information separately at all. For systems in the latter category,
95 * we look backwards in the wtmp or wtmpx file for the last login entry
96 * for our user. Naturally this is slower and on busy systems could
97 * incur a significant performance penalty.
99 * Calling the new code
100 * --------------------
102 * In OpenSSH all login recording and retrieval is performed in
103 * login.c. Here you'll find working examples. Also, in the logintest.c
104 * program there are more examples.
106 * Internal handler calling method
107 * -------------------------------
109 * When a call is made to login_login() or login_logout(), both
110 * routines set a struct logininfo flag defining which action (log in,
111 * or log out) is to be taken. They both then call login_write(), which
112 * calls whichever of the many structure-specific handlers autoconf
113 * selects for the local system.
115 * The handlers themselves handle system data structure specifics. Both
116 * struct utmp and struct utmpx have utility functions (see
117 * construct_utmp*()) to try to make it simpler to add extra systems
118 * that introduce new features to either structure.
120 * While it may seem terribly wasteful to replicate so much similar
121 * code for each method, experience has shown that maintaining code to
122 * write both struct utmp and utmpx in one function, whilst maintaining
123 * support for all systems whether they have library support or not, is
124 * a difficult and time-consuming task.
126 * Lastlog support proceeds similarly. Functions login_get_lastlog()
127 * (and its OpenSSH-tuned friend login_get_lastlog_time()) call
128 * getlast_entry(), which tries one of three methods to find the last
129 * login time. It uses local system lastlog support if it can,
130 * otherwise it tries wtmp or wtmpx before giving up and returning 0,
136 * In many cases it's possible to tweak autoconf to select the correct
137 * methods for a particular platform, either by improving the detection
138 * code (best), or by presetting DISABLE_<method> or CONF_<method>_FILE
139 * symbols for the platform.
141 * Use logintest to check which symbols are defined before modifying
142 * configure.ac and loginrec.c. (You have to build logintest yourself
143 * with 'make logintest' as it's not built by default.)
145 * Otherwise, patches to the specific method(s) are very helpful!
148 #include "includes.h"
150 #include <sys/types.h>
151 #include <sys/stat.h>
152 #include <sys/socket.h>
154 #include <netinet/in.h>
169 #include "hostfile.h"
171 #include "loginrec.h"
173 #include "atomicio.h"
175 #include "canohost.h"
183 #ifdef HAVE_LIBUTIL_H
184 # include <libutil.h>
188 ** prototypes for helper functions in this file
192 void set_utmp_time(struct logininfo
*li
, struct utmp
*ut
);
193 void construct_utmp(struct logininfo
*li
, struct utmp
*ut
);
197 void set_utmpx_time(struct logininfo
*li
, struct utmpx
*ut
);
198 void construct_utmpx(struct logininfo
*li
, struct utmpx
*ut
);
201 int utmp_write_entry(struct logininfo
*li
);
202 int utmpx_write_entry(struct logininfo
*li
);
203 int wtmp_write_entry(struct logininfo
*li
);
204 int wtmpx_write_entry(struct logininfo
*li
);
205 int lastlog_write_entry(struct logininfo
*li
);
206 int syslogin_write_entry(struct logininfo
*li
);
208 int getlast_entry(struct logininfo
*li
);
209 int lastlog_get_entry(struct logininfo
*li
);
210 int wtmp_get_entry(struct logininfo
*li
);
211 int wtmpx_get_entry(struct logininfo
*li
);
213 extern Buffer loginmsg
;
215 /* pick the shortest string */
216 #define MIN_SIZEOF(s1,s2) (sizeof(s1) < sizeof(s2) ? sizeof(s1) : sizeof(s2))
219 ** platform-independent login functions
223 * login_login(struct logininfo *) - Record a login
225 * Call with a pointer to a struct logininfo initialised with
226 * login_init_entry() or login_alloc_entry()
230 * 0 on failure (will use OpenSSH's logging facilities for diagnostics)
233 login_login(struct logininfo
*li
)
235 li
->type
= LTYPE_LOGIN
;
236 return (login_write(li
));
241 * login_logout(struct logininfo *) - Record a logout
243 * Call as with login_login()
247 * 0 on failure (will use OpenSSH's logging facilities for diagnostics)
250 login_logout(struct logininfo
*li
)
252 li
->type
= LTYPE_LOGOUT
;
253 return (login_write(li
));
257 * login_get_lastlog_time(int) - Retrieve the last login time
259 * Retrieve the last login time for the given uid. Will try to use the
260 * system lastlog facilities if they are available, but will fall back
261 * to looking in wtmp/wtmpx if necessary
264 * 0 on failure, or if user has never logged in
265 * Time in seconds from the epoch if successful
267 * Useful preprocessor symbols:
268 * DISABLE_LASTLOG: If set, *never* even try to retrieve lastlog
270 * USE_LASTLOG: If set, indicates the presence of system lastlog
271 * facilities. If this and DISABLE_LASTLOG are not set,
272 * try to retrieve lastlog information from wtmp/wtmpx.
275 login_get_lastlog_time(const int uid
)
279 if (login_get_lastlog(&li
, uid
))
286 * login_get_lastlog(struct logininfo *, int) - Retrieve a lastlog entry
288 * Retrieve a logininfo structure populated (only partially) with
289 * information from the system lastlog data, or from wtmp/wtmpx if no
290 * system lastlog information exists.
292 * Note this routine must be given a pre-allocated logininfo.
295 * >0: A pointer to your struct logininfo if successful
296 * 0 on failure (will use OpenSSH's logging facilities for diagnostics)
299 login_get_lastlog(struct logininfo
*li
, const int uid
)
303 memset(li
, '\0', sizeof(*li
));
307 * If we don't have a 'real' lastlog, we need the username to
308 * reliably search wtmp(x) for the last login (see
313 fatal("%s: Cannot find account for uid %i", __func__
, uid
);
315 /* No MIN_SIZEOF here - we absolutely *must not* truncate the
316 * username (XXX - so check for trunc!) */
317 strlcpy(li
->username
, pw
->pw_name
, sizeof(li
->username
));
319 if (getlast_entry(li
))
327 * login_alloc_entry(int, char*, char*, char*) - Allocate and initialise
328 * a logininfo structure
330 * This function creates a new struct logininfo, a data structure
331 * meant to carry the information required to portably record login info.
333 * Returns a pointer to a newly created struct logininfo. If memory
334 * allocation fails, the program halts.
337 logininfo
*login_alloc_entry(int pid
, const char *username
,
338 const char *hostname
, const char *line
)
340 struct logininfo
*newli
;
342 newli
= xmalloc(sizeof(*newli
));
343 login_init_entry(newli
, pid
, username
, hostname
, line
);
348 /* login_free_entry(struct logininfo *) - free struct memory */
350 login_free_entry(struct logininfo
*li
)
356 /* login_init_entry(struct logininfo *, int, char*, char*, char*)
357 * - initialise a struct logininfo
359 * Populates a new struct logininfo, a data structure meant to carry
360 * the information required to portably record login info.
365 login_init_entry(struct logininfo
*li
, int pid
, const char *username
,
366 const char *hostname
, const char *line
)
370 memset(li
, 0, sizeof(*li
));
374 /* set the line information */
376 line_fullname(li
->line
, line
, sizeof(li
->line
));
379 strlcpy(li
->username
, username
, sizeof(li
->username
));
380 pw
= getpwnam(li
->username
);
382 fatal("%s: Cannot find user \"%s\"", __func__
,
385 li
->uid
= pw
->pw_uid
;
389 strlcpy(li
->hostname
, hostname
, sizeof(li
->hostname
));
395 * login_set_current_time(struct logininfo *) - set the current time
397 * Set the current time in a logininfo structure. This function is
398 * meant to eliminate the need to deal with system dependencies for
402 login_set_current_time(struct logininfo
*li
)
406 gettimeofday(&tv
, NULL
);
408 li
->tv_sec
= tv
.tv_sec
;
409 li
->tv_usec
= tv
.tv_usec
;
412 /* copy a sockaddr_* into our logininfo */
414 login_set_addr(struct logininfo
*li
, const struct sockaddr
*sa
,
415 const unsigned int sa_size
)
417 unsigned int bufsize
= sa_size
;
419 /* make sure we don't overrun our union */
420 if (sizeof(li
->hostaddr
) < sa_size
)
421 bufsize
= sizeof(li
->hostaddr
);
423 memcpy(&li
->hostaddr
.sa
, sa
, bufsize
);
428 ** login_write: Call low-level recording functions based on autoconf
432 login_write(struct logininfo
*li
)
435 if (geteuid() != 0) {
436 logit("Attempt to write login records by non-root user (aborting)");
441 /* set the timestamp */
442 login_set_current_time(li
);
444 syslogin_write_entry(li
);
447 if (li
->type
== LTYPE_LOGIN
)
448 lastlog_write_entry(li
);
451 utmp_write_entry(li
);
454 wtmp_write_entry(li
);
457 utmpx_write_entry(li
);
460 wtmpx_write_entry(li
);
462 #ifdef CUSTOM_SYS_AUTH_RECORD_LOGIN
463 if (li
->type
== LTYPE_LOGIN
&&
464 !sys_auth_record_login(li
->username
,li
->hostname
,li
->line
,
466 logit("Writing login record failed for %s", li
->username
);
468 #ifdef SSH_AUDIT_EVENTS
469 if (li
->type
== LTYPE_LOGIN
)
470 audit_session_open(li
->line
);
471 else if (li
->type
== LTYPE_LOGOUT
)
472 audit_session_close(li
->line
);
477 #ifdef LOGIN_NEEDS_UTMPX
479 login_utmp_only(struct logininfo
*li
)
481 li
->type
= LTYPE_LOGIN
;
482 login_set_current_time(li
);
484 utmp_write_entry(li
);
487 wtmp_write_entry(li
);
490 utmpx_write_entry(li
);
493 wtmpx_write_entry(li
);
500 ** getlast_entry: Call low-level functions to retrieve the last login
504 /* take the uid in li and return the last login time */
506 getlast_entry(struct logininfo
*li
)
509 return(lastlog_get_entry(li
));
510 #else /* !USE_LASTLOG */
512 #if defined(DISABLE_LASTLOG)
513 /* On some systems we shouldn't even try to obtain last login
516 # elif defined(USE_WTMP) && \
517 (defined(HAVE_TIME_IN_UTMP) || defined(HAVE_TV_IN_UTMP))
518 /* retrieve last login time from utmp */
519 return (wtmp_get_entry(li
));
520 # elif defined(USE_WTMPX) && \
521 (defined(HAVE_TIME_IN_UTMPX) || defined(HAVE_TV_IN_UTMPX))
522 /* If wtmp isn't available, try wtmpx */
523 return (wtmpx_get_entry(li
));
525 /* Give up: No means of retrieving last login time */
527 # endif /* DISABLE_LASTLOG */
528 #endif /* USE_LASTLOG */
534 * 'line' string utility functions
536 * These functions process the 'line' string into one of three forms:
538 * 1. The full filename (including '/dev')
539 * 2. The stripped name (excluding '/dev')
540 * 3. The abbreviated name (e.g. /dev/ttyp00 -> yp00
541 * /dev/pts/1 -> ts/1 )
543 * Form 3 is used on some systems to identify a .tmp.? entry when
544 * attempting to remove it. Typically both addition and removal is
545 * performed by one application - say, sshd - so as long as the choice
546 * uniquely identifies a terminal it's ok.
551 * line_fullname(): add the leading '/dev/' if it doesn't exist make
552 * sure dst has enough space, if not just copy src (ugh)
555 line_fullname(char *dst
, const char *src
, u_int dstsize
)
557 memset(dst
, '\0', dstsize
);
558 if ((strncmp(src
, "/dev/", 5) == 0) || (dstsize
< (strlen(src
) + 5)))
559 strlcpy(dst
, src
, dstsize
);
561 strlcpy(dst
, "/dev/", dstsize
);
562 strlcat(dst
, src
, dstsize
);
567 /* line_stripname(): strip the leading '/dev' if it exists, return dst */
569 line_stripname(char *dst
, const char *src
, int dstsize
)
571 memset(dst
, '\0', dstsize
);
572 if (strncmp(src
, "/dev/", 5) == 0)
573 strlcpy(dst
, src
+ 5, dstsize
);
575 strlcpy(dst
, src
, dstsize
);
580 * line_abbrevname(): Return the abbreviated (usually four-character)
581 * form of the line (Just use the last <dstsize> characters of the
584 * NOTE: use strncpy because we do NOT necessarily want zero
588 line_abbrevname(char *dst
, const char *src
, int dstsize
)
592 memset(dst
, '\0', dstsize
);
594 /* Always skip prefix if present */
595 if (strncmp(src
, "/dev/", 5) == 0)
598 #ifdef WITH_ABBREV_NO_TTY
599 if (strncmp(src
, "tty", 3) == 0)
606 if (((int)len
- dstsize
) > 0)
607 src
+= ((int)len
- dstsize
);
609 /* note: _don't_ change this to strlcpy */
610 strncpy(dst
, src
, (size_t)dstsize
);
617 ** utmp utility functions
619 ** These functions manipulate struct utmp, taking system differences
623 #if defined(USE_UTMP) || defined (USE_WTMP) || defined (USE_LOGIN)
625 /* build the utmp structure */
627 set_utmp_time(struct logininfo
*li
, struct utmp
*ut
)
629 # if defined(HAVE_TV_IN_UTMP)
630 ut
->ut_tv
.tv_sec
= li
->tv_sec
;
631 ut
->ut_tv
.tv_usec
= li
->tv_usec
;
632 # elif defined(HAVE_TIME_IN_UTMP)
633 ut
->ut_time
= li
->tv_sec
;
638 construct_utmp(struct logininfo
*li
,
641 # ifdef HAVE_ADDR_V6_IN_UTMP
642 struct sockaddr_in6
*sa6
;
645 memset(ut
, '\0', sizeof(*ut
));
647 /* First fill out fields used for both logins and logouts */
649 # ifdef HAVE_ID_IN_UTMP
650 line_abbrevname(ut
->ut_id
, li
->line
, sizeof(ut
->ut_id
));
653 # ifdef HAVE_TYPE_IN_UTMP
654 /* This is done here to keep utmp constants out of struct logininfo */
657 ut
->ut_type
= USER_PROCESS
;
663 ut
->ut_type
= DEAD_PROCESS
;
665 cray_retain_utmp(ut
, li
->pid
);
670 set_utmp_time(li
, ut
);
672 line_stripname(ut
->ut_line
, li
->line
, sizeof(ut
->ut_line
));
674 # ifdef HAVE_PID_IN_UTMP
675 ut
->ut_pid
= li
->pid
;
678 /* If we're logging out, leave all other fields blank */
679 if (li
->type
== LTYPE_LOGOUT
)
683 * These fields are only used when logging in, and are blank
687 /* Use strncpy because we don't necessarily want null termination */
688 strncpy(ut
->ut_name
, li
->username
,
689 MIN_SIZEOF(ut
->ut_name
, li
->username
));
690 # ifdef HAVE_HOST_IN_UTMP
691 strncpy(ut
->ut_host
, li
->hostname
,
692 MIN_SIZEOF(ut
->ut_host
, li
->hostname
));
694 # ifdef HAVE_ADDR_IN_UTMP
695 /* this is just a 32-bit IP address */
696 if (li
->hostaddr
.sa
.sa_family
== AF_INET
)
697 ut
->ut_addr
= li
->hostaddr
.sa_in
.sin_addr
.s_addr
;
699 # ifdef HAVE_ADDR_V6_IN_UTMP
700 /* this is just a 128-bit IPv6 address */
701 if (li
->hostaddr
.sa
.sa_family
== AF_INET6
) {
702 sa6
= ((struct sockaddr_in6
*)&li
->hostaddr
.sa
);
703 memcpy(ut
->ut_addr_v6
, sa6
->sin6_addr
.s6_addr
, 16);
704 if (IN6_IS_ADDR_V4MAPPED(&sa6
->sin6_addr
)) {
705 ut
->ut_addr_v6
[0] = ut
->ut_addr_v6
[3];
706 ut
->ut_addr_v6
[1] = 0;
707 ut
->ut_addr_v6
[2] = 0;
708 ut
->ut_addr_v6
[3] = 0;
713 #endif /* USE_UTMP || USE_WTMP || USE_LOGIN */
716 ** utmpx utility functions
718 ** These functions manipulate struct utmpx, accounting for system
722 #if defined(USE_UTMPX) || defined (USE_WTMPX)
723 /* build the utmpx structure */
725 set_utmpx_time(struct logininfo
*li
, struct utmpx
*utx
)
727 # if defined(HAVE_TV_IN_UTMPX)
728 utx
->ut_tv
.tv_sec
= li
->tv_sec
;
729 utx
->ut_tv
.tv_usec
= li
->tv_usec
;
730 # elif defined(HAVE_TIME_IN_UTMPX)
731 utx
->ut_time
= li
->tv_sec
;
736 construct_utmpx(struct logininfo
*li
, struct utmpx
*utx
)
738 # ifdef HAVE_ADDR_V6_IN_UTMP
739 struct sockaddr_in6
*sa6
;
741 memset(utx
, '\0', sizeof(*utx
));
743 # ifdef HAVE_ID_IN_UTMPX
744 line_abbrevname(utx
->ut_id
, li
->line
, sizeof(utx
->ut_id
));
747 /* this is done here to keep utmp constants out of loginrec.h */
750 utx
->ut_type
= USER_PROCESS
;
753 utx
->ut_type
= DEAD_PROCESS
;
756 line_stripname(utx
->ut_line
, li
->line
, sizeof(utx
->ut_line
));
757 set_utmpx_time(li
, utx
);
758 utx
->ut_pid
= li
->pid
;
760 /* strncpy(): Don't necessarily want null termination */
761 strncpy(utx
->ut_name
, li
->username
,
762 MIN_SIZEOF(utx
->ut_name
, li
->username
));
764 if (li
->type
== LTYPE_LOGOUT
)
768 * These fields are only used when logging in, and are blank
772 # ifdef HAVE_HOST_IN_UTMPX
773 strncpy(utx
->ut_host
, li
->hostname
,
774 MIN_SIZEOF(utx
->ut_host
, li
->hostname
));
776 # ifdef HAVE_ADDR_IN_UTMPX
777 /* this is just a 32-bit IP address */
778 if (li
->hostaddr
.sa
.sa_family
== AF_INET
)
779 utx
->ut_addr
= li
->hostaddr
.sa_in
.sin_addr
.s_addr
;
781 # ifdef HAVE_ADDR_V6_IN_UTMP
782 /* this is just a 128-bit IPv6 address */
783 if (li
->hostaddr
.sa
.sa_family
== AF_INET6
) {
784 sa6
= ((struct sockaddr_in6
*)&li
->hostaddr
.sa
);
785 memcpy(ut
->ut_addr_v6
, sa6
->sin6_addr
.s6_addr
, 16);
786 if (IN6_IS_ADDR_V4MAPPED(&sa6
->sin6_addr
)) {
787 ut
->ut_addr_v6
[0] = ut
->ut_addr_v6
[3];
788 ut
->ut_addr_v6
[1] = 0;
789 ut
->ut_addr_v6
[2] = 0;
790 ut
->ut_addr_v6
[3] = 0;
794 # ifdef HAVE_SYSLEN_IN_UTMPX
795 /* ut_syslen is the length of the utx_host string */
796 utx
->ut_syslen
= MIN(strlen(li
->hostname
), sizeof(utx
->ut_host
));
799 #endif /* USE_UTMPX || USE_WTMPX */
802 ** Low-level utmp functions
805 /* FIXME: (ATL) utmp_write_direct needs testing */
808 /* if we can, use pututline() etc. */
809 # if !defined(DISABLE_PUTUTLINE) && defined(HAVE_SETUTENT) && \
810 defined(HAVE_PUTUTLINE)
811 # define UTMP_USE_LIBRARY
815 /* write a utmp entry with the system's help (pututline() and pals) */
816 # ifdef UTMP_USE_LIBRARY
818 utmp_write_library(struct logininfo
*li
, struct utmp
*ut
)
822 # ifdef HAVE_ENDUTENT
827 # else /* UTMP_USE_LIBRARY */
830 * Write a utmp entry direct to the file
831 * This is a slightly modification of code in OpenBSD's login.c
834 utmp_write_direct(struct logininfo
*li
, struct utmp
*ut
)
840 /* FIXME: (ATL) ttyslot() needs local implementation */
842 #if defined(HAVE_GETTTYENT)
847 while (NULL
!= (ty
= getttyent())) {
849 if (!strncmp(ty
->ty_name
, ut
->ut_line
, sizeof(ut
->ut_line
)))
855 logit("%s: tty not found", __func__
);
860 tty
= ttyslot(); /* seems only to work for /dev/ttyp? style names */
862 #endif /* HAVE_GETTTYENT */
864 if (tty
> 0 && (fd
= open(UTMP_FILE
, O_RDWR
|O_CREAT
, 0644)) >= 0) {
867 pos
= (off_t
)tty
* sizeof(struct utmp
);
868 if ((ret
= lseek(fd
, pos
, SEEK_SET
)) == -1) {
869 logit("%s: lseek: %s", __func__
, strerror(errno
));
873 logit("%s: Couldn't seek to tty %d slot in %s",
874 __func__
, tty
, UTMP_FILE
);
878 * Prevent luser from zero'ing out ut_host.
879 * If the new ut_line is empty but the old one is not
880 * and ut_line and ut_name match, preserve the old ut_line.
882 if (atomicio(read
, fd
, &old_ut
, sizeof(old_ut
)) == sizeof(old_ut
) &&
883 (ut
->ut_host
[0] == '\0') && (old_ut
.ut_host
[0] != '\0') &&
884 (strncmp(old_ut
.ut_line
, ut
->ut_line
, sizeof(ut
->ut_line
)) == 0) &&
885 (strncmp(old_ut
.ut_name
, ut
->ut_name
, sizeof(ut
->ut_name
)) == 0))
886 memcpy(ut
->ut_host
, old_ut
.ut_host
, sizeof(ut
->ut_host
));
888 if ((ret
= lseek(fd
, pos
, SEEK_SET
)) == -1) {
889 logit("%s: lseek: %s", __func__
, strerror(errno
));
893 logit("%s: Couldn't seek to tty %d slot in %s",
894 __func__
, tty
, UTMP_FILE
);
897 if (atomicio(vwrite
, fd
, ut
, sizeof(*ut
)) != sizeof(*ut
)) {
898 logit("%s: error writing %s: %s", __func__
,
899 UTMP_FILE
, strerror(errno
));
908 # endif /* UTMP_USE_LIBRARY */
911 utmp_perform_login(struct logininfo
*li
)
915 construct_utmp(li
, &ut
);
916 # ifdef UTMP_USE_LIBRARY
917 if (!utmp_write_library(li
, &ut
)) {
918 logit("%s: utmp_write_library() failed", __func__
);
922 if (!utmp_write_direct(li
, &ut
)) {
923 logit("%s: utmp_write_direct() failed", __func__
);
932 utmp_perform_logout(struct logininfo
*li
)
936 construct_utmp(li
, &ut
);
937 # ifdef UTMP_USE_LIBRARY
938 if (!utmp_write_library(li
, &ut
)) {
939 logit("%s: utmp_write_library() failed", __func__
);
943 if (!utmp_write_direct(li
, &ut
)) {
944 logit("%s: utmp_write_direct() failed", __func__
);
953 utmp_write_entry(struct logininfo
*li
)
957 return (utmp_perform_login(li
));
960 return (utmp_perform_logout(li
));
963 logit("%s: invalid type field", __func__
);
967 #endif /* USE_UTMP */
971 ** Low-level utmpx functions
974 /* not much point if we don't want utmpx entries */
977 /* if we have the wherewithall, use pututxline etc. */
978 # if !defined(DISABLE_PUTUTXLINE) && defined(HAVE_SETUTXENT) && \
979 defined(HAVE_PUTUTXLINE)
980 # define UTMPX_USE_LIBRARY
984 /* write a utmpx entry with the system's help (pututxline() and pals) */
985 # ifdef UTMPX_USE_LIBRARY
987 utmpx_write_library(struct logininfo
*li
, struct utmpx
*utx
)
992 # ifdef HAVE_ENDUTXENT
998 # else /* UTMPX_USE_LIBRARY */
1000 /* write a utmp entry direct to the file */
1002 utmpx_write_direct(struct logininfo
*li
, struct utmpx
*utx
)
1004 logit("%s: not implemented!", __func__
);
1007 # endif /* UTMPX_USE_LIBRARY */
1010 utmpx_perform_login(struct logininfo
*li
)
1014 construct_utmpx(li
, &utx
);
1015 # ifdef UTMPX_USE_LIBRARY
1016 if (!utmpx_write_library(li
, &utx
)) {
1017 logit("%s: utmp_write_library() failed", __func__
);
1021 if (!utmpx_write_direct(li
, &ut
)) {
1022 logit("%s: utmp_write_direct() failed", __func__
);
1031 utmpx_perform_logout(struct logininfo
*li
)
1035 construct_utmpx(li
, &utx
);
1036 # ifdef HAVE_ID_IN_UTMPX
1037 line_abbrevname(utx
.ut_id
, li
->line
, sizeof(utx
.ut_id
));
1039 # ifdef HAVE_TYPE_IN_UTMPX
1040 utx
.ut_type
= DEAD_PROCESS
;
1043 # ifdef UTMPX_USE_LIBRARY
1044 utmpx_write_library(li
, &utx
);
1046 utmpx_write_direct(li
, &utx
);
1052 utmpx_write_entry(struct logininfo
*li
)
1056 return (utmpx_perform_login(li
));
1058 return (utmpx_perform_logout(li
));
1060 logit("%s: invalid type field", __func__
);
1064 #endif /* USE_UTMPX */
1068 ** Low-level wtmp functions
1074 * Write a wtmp entry direct to the end of the file
1075 * This is a slight modification of code in OpenBSD's logwtmp.c
1078 wtmp_write(struct logininfo
*li
, struct utmp
*ut
)
1083 if ((fd
= open(WTMP_FILE
, O_WRONLY
|O_APPEND
, 0)) < 0) {
1084 logit("%s: problem writing %s: %s", __func__
,
1085 WTMP_FILE
, strerror(errno
));
1088 if (fstat(fd
, &buf
) == 0)
1089 if (atomicio(vwrite
, fd
, ut
, sizeof(*ut
)) != sizeof(*ut
)) {
1090 ftruncate(fd
, buf
.st_size
);
1091 logit("%s: problem writing %s: %s", __func__
,
1092 WTMP_FILE
, strerror(errno
));
1100 wtmp_perform_login(struct logininfo
*li
)
1104 construct_utmp(li
, &ut
);
1105 return (wtmp_write(li
, &ut
));
1110 wtmp_perform_logout(struct logininfo
*li
)
1114 construct_utmp(li
, &ut
);
1115 return (wtmp_write(li
, &ut
));
1120 wtmp_write_entry(struct logininfo
*li
)
1124 return (wtmp_perform_login(li
));
1126 return (wtmp_perform_logout(li
));
1128 logit("%s: invalid type field", __func__
);
1135 * Notes on fetching login data from wtmp/wtmpx
1137 * Logouts are usually recorded with (amongst other things) a blank
1138 * username on a given tty line. However, some systems (HP-UX is one)
1139 * leave all fields set, but change the ut_type field to DEAD_PROCESS.
1141 * Since we're only looking for logins here, we know that the username
1142 * must be set correctly. On systems that leave it in, we check for
1143 * ut_type==USER_PROCESS (indicating a login.)
1145 * Portability: Some systems may set something other than USER_PROCESS
1146 * to indicate a login process. I don't know of any as I write. Also,
1147 * it's possible that some systems may both leave the username in
1148 * place and not have ut_type.
1151 /* return true if this wtmp entry indicates a login */
1153 wtmp_islogin(struct logininfo
*li
, struct utmp
*ut
)
1155 if (strncmp(li
->username
, ut
->ut_name
,
1156 MIN_SIZEOF(li
->username
, ut
->ut_name
)) == 0) {
1157 # ifdef HAVE_TYPE_IN_UTMP
1158 if (ut
->ut_type
& USER_PROCESS
)
1168 wtmp_get_entry(struct logininfo
*li
)
1174 /* Clear the time entries in our logininfo */
1175 li
->tv_sec
= li
->tv_usec
= 0;
1177 if ((fd
= open(WTMP_FILE
, O_RDONLY
)) < 0) {
1178 logit("%s: problem opening %s: %s", __func__
,
1179 WTMP_FILE
, strerror(errno
));
1182 if (fstat(fd
, &st
) != 0) {
1183 logit("%s: couldn't stat %s: %s", __func__
,
1184 WTMP_FILE
, strerror(errno
));
1189 /* Seek to the start of the last struct utmp */
1190 if (lseek(fd
, -(off_t
)sizeof(struct utmp
), SEEK_END
) == -1) {
1191 /* Looks like we've got a fresh wtmp file */
1197 if (atomicio(read
, fd
, &ut
, sizeof(ut
)) != sizeof(ut
)) {
1198 logit("%s: read of %s failed: %s", __func__
,
1199 WTMP_FILE
, strerror(errno
));
1203 if ( wtmp_islogin(li
, &ut
) ) {
1206 * We've already checked for a time in struct
1207 * utmp, in login_getlast()
1209 # ifdef HAVE_TIME_IN_UTMP
1210 li
->tv_sec
= ut
.ut_time
;
1212 # if HAVE_TV_IN_UTMP
1213 li
->tv_sec
= ut
.ut_tv
.tv_sec
;
1216 line_fullname(li
->line
, ut
.ut_line
,
1217 MIN_SIZEOF(li
->line
, ut
.ut_line
));
1218 # ifdef HAVE_HOST_IN_UTMP
1219 strlcpy(li
->hostname
, ut
.ut_host
,
1220 MIN_SIZEOF(li
->hostname
, ut
.ut_host
));
1224 /* Seek back 2 x struct utmp */
1225 if (lseek(fd
, -(off_t
)(2 * sizeof(struct utmp
)), SEEK_CUR
) == -1) {
1226 /* We've found the start of the file, so quit */
1232 /* We found an entry. Tidy up and return */
1236 # endif /* USE_WTMP */
1240 ** Low-level wtmpx functions
1245 * Write a wtmpx entry direct to the end of the file
1246 * This is a slight modification of code in OpenBSD's logwtmp.c
1249 wtmpx_write(struct logininfo
*li
, struct utmpx
*utx
)
1251 #ifndef HAVE_UPDWTMPX
1255 if ((fd
= open(WTMPX_FILE
, O_WRONLY
|O_APPEND
, 0)) < 0) {
1256 logit("%s: problem opening %s: %s", __func__
,
1257 WTMPX_FILE
, strerror(errno
));
1261 if (fstat(fd
, &buf
) == 0)
1262 if (atomicio(vwrite
, fd
, utx
, sizeof(*utx
)) != sizeof(*utx
)) {
1263 ftruncate(fd
, buf
.st_size
);
1264 logit("%s: problem writing %s: %s", __func__
,
1265 WTMPX_FILE
, strerror(errno
));
1272 updwtmpx(WTMPX_FILE
, utx
);
1279 wtmpx_perform_login(struct logininfo
*li
)
1283 construct_utmpx(li
, &utx
);
1284 return (wtmpx_write(li
, &utx
));
1289 wtmpx_perform_logout(struct logininfo
*li
)
1293 construct_utmpx(li
, &utx
);
1294 return (wtmpx_write(li
, &utx
));
1299 wtmpx_write_entry(struct logininfo
*li
)
1303 return (wtmpx_perform_login(li
));
1305 return (wtmpx_perform_logout(li
));
1307 logit("%s: invalid type field", __func__
);
1312 /* Please see the notes above wtmp_islogin() for information about the
1313 next two functions */
1315 /* Return true if this wtmpx entry indicates a login */
1317 wtmpx_islogin(struct logininfo
*li
, struct utmpx
*utx
)
1319 if (strncmp(li
->username
, utx
->ut_name
,
1320 MIN_SIZEOF(li
->username
, utx
->ut_name
)) == 0 ) {
1321 # ifdef HAVE_TYPE_IN_UTMPX
1322 if (utx
->ut_type
== USER_PROCESS
)
1333 wtmpx_get_entry(struct logininfo
*li
)
1339 /* Clear the time entries */
1340 li
->tv_sec
= li
->tv_usec
= 0;
1342 if ((fd
= open(WTMPX_FILE
, O_RDONLY
)) < 0) {
1343 logit("%s: problem opening %s: %s", __func__
,
1344 WTMPX_FILE
, strerror(errno
));
1347 if (fstat(fd
, &st
) != 0) {
1348 logit("%s: couldn't stat %s: %s", __func__
,
1349 WTMPX_FILE
, strerror(errno
));
1354 /* Seek to the start of the last struct utmpx */
1355 if (lseek(fd
, -(off_t
)sizeof(struct utmpx
), SEEK_END
) == -1 ) {
1356 /* probably a newly rotated wtmpx file */
1362 if (atomicio(read
, fd
, &utx
, sizeof(utx
)) != sizeof(utx
)) {
1363 logit("%s: read of %s failed: %s", __func__
,
1364 WTMPX_FILE
, strerror(errno
));
1369 * Logouts are recorded as a blank username on a particular
1370 * line. So, we just need to find the username in struct utmpx
1372 if (wtmpx_islogin(li
, &utx
)) {
1374 # if defined(HAVE_TV_IN_UTMPX)
1375 li
->tv_sec
= utx
.ut_tv
.tv_sec
;
1376 # elif defined(HAVE_TIME_IN_UTMPX)
1377 li
->tv_sec
= utx
.ut_time
;
1379 line_fullname(li
->line
, utx
.ut_line
, sizeof(li
->line
));
1380 # if defined(HAVE_HOST_IN_UTMPX)
1381 strlcpy(li
->hostname
, utx
.ut_host
,
1382 MIN_SIZEOF(li
->hostname
, utx
.ut_host
));
1386 if (lseek(fd
, -(off_t
)(2 * sizeof(struct utmpx
)), SEEK_CUR
) == -1) {
1395 #endif /* USE_WTMPX */
1398 ** Low-level libutil login() functions
1403 syslogin_perform_login(struct logininfo
*li
)
1407 ut
= xmalloc(sizeof(*ut
));
1408 construct_utmp(li
, ut
);
1416 syslogin_perform_logout(struct logininfo
*li
)
1419 char line
[UT_LINESIZE
];
1421 (void)line_stripname(line
, li
->line
, sizeof(line
));
1424 logit("%s: logout() returned an error", __func__
);
1425 # ifdef HAVE_LOGWTMP
1427 logwtmp(line
, "", "");
1429 /* FIXME: (ATL - if the need arises) What to do if we have
1430 * login, but no logout? what if logout but no logwtmp? All
1431 * routines are in libutil so they should all be there,
1438 syslogin_write_entry(struct logininfo
*li
)
1442 return (syslogin_perform_login(li
));
1444 return (syslogin_perform_logout(li
));
1446 logit("%s: Invalid type field", __func__
);
1450 #endif /* USE_LOGIN */
1452 /* end of file log-syslogin.c */
1455 ** Low-level lastlog functions
1460 #if !defined(LASTLOG_WRITE_PUTUTXLINE) || !defined(HAVE_GETLASTLOGXBYNAME)
1461 /* open the file (using filemode) and seek to the login entry */
1463 lastlog_openseek(struct logininfo
*li
, int *fd
, int filemode
)
1466 char lastlog_file
[1024];
1469 if (stat(LASTLOG_FILE
, &st
) != 0) {
1470 logit("%s: Couldn't stat %s: %s", __func__
,
1471 LASTLOG_FILE
, strerror(errno
));
1474 if (S_ISDIR(st
.st_mode
)) {
1475 snprintf(lastlog_file
, sizeof(lastlog_file
), "%s/%s",
1476 LASTLOG_FILE
, li
->username
);
1477 } else if (S_ISREG(st
.st_mode
)) {
1478 strlcpy(lastlog_file
, LASTLOG_FILE
, sizeof(lastlog_file
));
1480 logit("%s: %.100s is not a file or directory!", __func__
,
1485 *fd
= open(lastlog_file
, filemode
, 0600);
1487 debug("%s: Couldn't open %s: %s", __func__
,
1488 lastlog_file
, strerror(errno
));
1492 if (S_ISREG(st
.st_mode
)) {
1493 /* find this uid's offset in the lastlog file */
1494 offset
= (off_t
) ((long)li
->uid
* sizeof(struct lastlog
));
1496 if (lseek(*fd
, offset
, SEEK_SET
) != offset
) {
1497 logit("%s: %s->lseek(): %s", __func__
,
1498 lastlog_file
, strerror(errno
));
1505 #endif /* !LASTLOG_WRITE_PUTUTXLINE || !HAVE_GETLASTLOGXBYNAME */
1507 #ifdef LASTLOG_WRITE_PUTUTXLINE
1509 lastlog_write_entry(struct logininfo
*li
)
1513 return 1; /* lastlog written by pututxline */
1515 logit("lastlog_write_entry: Invalid type field");
1519 #else /* LASTLOG_WRITE_PUTUTXLINE */
1521 lastlog_write_entry(struct logininfo
*li
)
1523 struct lastlog last
;
1528 /* create our struct lastlog */
1529 memset(&last
, '\0', sizeof(last
));
1530 line_stripname(last
.ll_line
, li
->line
, sizeof(last
.ll_line
));
1531 strlcpy(last
.ll_host
, li
->hostname
,
1532 MIN_SIZEOF(last
.ll_host
, li
->hostname
));
1533 last
.ll_time
= li
->tv_sec
;
1535 if (!lastlog_openseek(li
, &fd
, O_RDWR
|O_CREAT
))
1538 /* write the entry */
1539 if (atomicio(vwrite
, fd
, &last
, sizeof(last
)) != sizeof(last
)) {
1541 logit("%s: Error writing to %s: %s", __func__
,
1542 LASTLOG_FILE
, strerror(errno
));
1549 logit("%s: Invalid type field", __func__
);
1553 #endif /* LASTLOG_WRITE_PUTUTXLINE */
1555 #ifdef HAVE_GETLASTLOGXBYNAME
1557 lastlog_get_entry(struct logininfo
*li
)
1559 struct lastlogx l
, *ll
;
1561 if ((ll
= getlastlogxbyname(li
->username
, &l
)) == NULL
) {
1562 memset(&l
, '\0', sizeof(l
));
1565 line_fullname(li
->line
, ll
->ll_line
, sizeof(li
->line
));
1566 strlcpy(li
->hostname
, ll
->ll_host
,
1567 MIN_SIZEOF(li
->hostname
, ll
->ll_host
));
1568 li
->tv_sec
= ll
->ll_tv
.tv_sec
;
1569 li
->tv_usec
= ll
->ll_tv
.tv_usec
;
1572 #else /* HAVE_GETLASTLOGXBYNAME */
1574 lastlog_get_entry(struct logininfo
*li
)
1576 struct lastlog last
;
1579 if (!lastlog_openseek(li
, &fd
, O_RDONLY
))
1582 ret
= atomicio(read
, fd
, &last
, sizeof(last
));
1587 memset(&last
, '\0', sizeof(last
));
1590 line_fullname(li
->line
, last
.ll_line
, sizeof(li
->line
));
1591 strlcpy(li
->hostname
, last
.ll_host
,
1592 MIN_SIZEOF(li
->hostname
, last
.ll_host
));
1593 li
->tv_sec
= last
.ll_time
;
1596 error("%s: Error reading from %s: %s", __func__
,
1597 LASTLOG_FILE
, strerror(errno
));
1600 error("%s: Error reading from %s: Expecting %d, got %d",
1601 __func__
, LASTLOG_FILE
, (int)sizeof(last
), ret
);
1608 #endif /* HAVE_GETLASTLOGXBYNAME */
1609 #endif /* USE_LASTLOG */
1613 * Logs failed login attempts in _PATH_BTMP if that exists.
1614 * The most common login failure is to give password instead of username.
1615 * So the _PATH_BTMP file checked for the correct permission, so that
1616 * only root can read it.
1620 record_failed_login(const char *username
, const char *hostname
,
1625 struct sockaddr_storage from
;
1626 socklen_t fromlen
= sizeof(from
);
1627 struct sockaddr_in
*a4
;
1628 struct sockaddr_in6
*a6
;
1634 if ((fd
= open(_PATH_BTMP
, O_WRONLY
| O_APPEND
)) < 0) {
1635 debug("Unable to open the btmp file %s: %s", _PATH_BTMP
,
1639 if (fstat(fd
, &fst
) < 0) {
1640 logit("%s: fstat of %s failed: %s", __func__
, _PATH_BTMP
,
1644 if((fst
.st_mode
& (S_IRWXG
| S_IRWXO
)) || (fst
.st_uid
!= 0)){
1645 logit("Excess permission or bad ownership on file %s",
1650 memset(&ut
, 0, sizeof(ut
));
1651 /* strncpy because we don't necessarily want nul termination */
1652 strncpy(ut
.ut_user
, username
, sizeof(ut
.ut_user
));
1653 strlcpy(ut
.ut_line
, "ssh:notty", sizeof(ut
.ut_line
));
1656 ut
.ut_time
= t
; /* ut_time is not always a time_t */
1657 ut
.ut_type
= LOGIN_PROCESS
;
1658 ut
.ut_pid
= getpid();
1660 /* strncpy because we don't necessarily want nul termination */
1661 strncpy(ut
.ut_host
, hostname
, sizeof(ut
.ut_host
));
1663 if (packet_connection_is_on_socket() &&
1664 getpeername(packet_get_connection_in(),
1665 (struct sockaddr
*)&from
, &fromlen
) == 0) {
1666 ipv64_normalise_mapped(&from
, &fromlen
);
1667 if (from
.ss_family
== AF_INET
) {
1668 a4
= (struct sockaddr_in
*)&from
;
1669 memcpy(&ut
.ut_addr
, &(a4
->sin_addr
),
1670 MIN_SIZEOF(ut
.ut_addr
, a4
->sin_addr
));
1672 #ifdef HAVE_ADDR_V6_IN_UTMP
1673 if (from
.ss_family
== AF_INET6
) {
1674 a6
= (struct sockaddr_in6
*)&from
;
1675 memcpy(&ut
.ut_addr_v6
, &(a6
->sin6_addr
),
1676 MIN_SIZEOF(ut
.ut_addr_v6
, a6
->sin6_addr
));
1681 if (atomicio(vwrite
, fd
, &ut
, sizeof(ut
)) != sizeof(ut
))
1682 error("Failed to write to %s: %s", _PATH_BTMP
,
1688 #endif /* USE_BTMP */