2 * Copyright (c) 1980, 1987, 1988, 1991, 1993, 1994
3 * The Regents of the University of California. All rights reserved.
4 * Copyright (c) 2001 Mark R V Murray
6 * Copyright (c) 2001 Networks Associates Technology, Inc.
8 * Copyright (c) 2004 Joe R. Doupnik
11 * Portions of this software were developed for the FreeBSD Project by
12 * ThinkSec AS and NAI Labs, the Security Research Division of Network
13 * Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035
14 * ("CBOSS"), as part of the DARPA CHATS research program.
16 * Redistribution and use in source and binary forms, with or without
17 * modification, are permitted provided that the following conditions
19 * 1. Redistributions of source code must retain the above copyright
20 * notice, this list of conditions and the following disclaimer.
21 * 2. Redistributions in binary form must reproduce the above copyright
22 * notice, this list of conditions and the following disclaimer in the
23 * documentation and/or other materials provided with the distribution.
24 * 3. The name of the author may not be used to endorse or promote
25 * products derived from this software without specific prior written
27 * 4. Neither the name of the University nor the names of its contributors
28 * may be used to endorse or promote products derived from this software
29 * without specific prior written permission.
31 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
32 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
33 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
34 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
35 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
36 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
37 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
38 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
39 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
40 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
43 * $FreeBSD: src/lib/libpam/modules/pam_lastlog/pam_lastlog.c,v 1.23 2007/07/22 15:17:29 des Exp $
48 #include <sys/param.h>
62 #define PAM_SM_SESSION
64 #include <security/pam_appl.h>
65 #include <security/pam_modules.h>
66 #include <security/pam_mod_misc.h>
69 pam_sm_open_session(pam_handle_t
*pamh
, int flags
,
70 int argc __unused
, const char *argv
[] __unused
)
77 const void *rhost
, *tty
;
81 pam_err
= pam_get_user(pamh
, &user
, NULL
);
82 if (pam_err
!= PAM_SUCCESS
)
84 if (user
== NULL
|| (pwd
= getpwnam(user
)) == NULL
)
85 return (PAM_SERVICE_ERR
);
86 PAM_LOG("Got user: %s", user
);
88 pam_err
= pam_get_item(pamh
, PAM_RHOST
, &rhost
);
89 if (pam_err
!= PAM_SUCCESS
) {
90 PAM_LOG("No PAM_RHOST");
93 pam_err
= pam_get_item(pamh
, PAM_TTY
, &tty
);
94 if (pam_err
!= PAM_SUCCESS
) {
95 PAM_LOG("No PAM_TTY");
99 PAM_LOG("No PAM_TTY");
100 pam_err
= PAM_SERVICE_ERR
;
103 if (strncmp(tty
, _PATH_DEV
, strlen(_PATH_DEV
)) == 0)
104 tty
= (const char *)tty
+ strlen(_PATH_DEV
);
105 if (*(const char *)tty
== '\0')
106 return (PAM_SERVICE_ERR
);
108 fd
= open(_PATH_LASTLOG
, O_RDWR
|O_CREAT
, 0644);
110 PAM_LOG("Failed to open %s", _PATH_LASTLOG
);
115 * Record session in lastlog(5).
117 llpos
= (off_t
)(pwd
->pw_uid
* sizeof(ll
));
118 if (lseek(fd
, llpos
, L_SET
) != llpos
)
120 if ((flags
& PAM_SILENT
) == 0) {
121 if (read(fd
, &ll
, sizeof ll
) == sizeof ll
&& ll
.ll_time
!= 0) {
123 if (*ll
.ll_host
!= '\0')
124 pam_info(pamh
, "Last login: %.*s from %.*s",
126 (int)sizeof(ll
.ll_host
), ll
.ll_host
);
128 pam_info(pamh
, "Last login: %.*s on %.*s",
130 (int)sizeof(ll
.ll_line
), ll
.ll_line
);
132 if (lseek(fd
, llpos
, L_SET
) != llpos
)
136 bzero(&ll
, sizeof(ll
));
137 ll
.ll_time
= time(NULL
);
139 /* note: does not need to be NUL-terminated */
140 strncpy(ll
.ll_line
, tty
, sizeof(ll
.ll_line
));
141 if (rhost
!= NULL
&& *(const char *)rhost
!= '\0')
142 /* note: does not need to be NUL-terminated */
143 strncpy(ll
.ll_host
, rhost
, sizeof(ll
.ll_host
));
145 if (write(fd
, (char *)&ll
, sizeof(ll
)) != sizeof(ll
) || close(fd
) != 0)
148 PAM_LOG("Login recorded in %s", _PATH_LASTLOG
);
151 * Record session in utmp(5) and wtmp(5).
153 bzero(&utmp
, sizeof(utmp
));
154 utmp
.ut_time
= time(NULL
);
155 /* note: does not need to be NUL-terminated */
156 strncpy(utmp
.ut_name
, user
, sizeof(utmp
.ut_name
));
157 if (rhost
!= NULL
&& *(const char *)rhost
!= '\0')
158 strncpy(utmp
.ut_host
, rhost
, sizeof(utmp
.ut_host
));
159 strncpy(utmp
.ut_line
, tty
, sizeof(utmp
.ut_line
));
162 return (PAM_SUCCESS
);
165 syslog(LOG_ERR
, "%s: %m", _PATH_LASTLOG
);
168 pam_err
= PAM_SYSTEM_ERR
;
170 if (openpam_get_option(pamh
, "no_fail"))
171 return (PAM_SUCCESS
);
176 pam_sm_close_session(pam_handle_t
*pamh __unused
, int flags __unused
,
177 int argc __unused
, const char *argv
[] __unused
)
182 pam_err
= pam_get_item(pamh
, PAM_TTY
, (const void **)&tty
);
183 if (pam_err
!= PAM_SUCCESS
)
185 if (strncmp(tty
, _PATH_DEV
, strlen(_PATH_DEV
)) == 0)
186 tty
= (const char *)tty
+ strlen(_PATH_DEV
);
187 if (*(const char *)tty
== '\0')
188 return (PAM_SERVICE_ERR
);
189 if (logout(tty
) != 1)
190 syslog(LOG_ERR
, "%s(): no utmp record for %s",
191 __func__
, (const char *)tty
);
192 logwtmp(tty
, "", "");
193 return (PAM_SUCCESS
);
196 if (openpam_get_option(pamh
, "no_fail"))
197 return (PAM_SUCCESS
);
201 PAM_MODULE_ENTRY("pam_lastlog");