2 * Copyright (c) 2000 Andre Lucas. All rights reserved.
3 * Portions copyright (c) 1998 Todd C. Miller
4 * Portions copyright (c) 1996 Jason Downs
5 * Portions copyright (c) 1996 Theo de Raadt
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
17 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
18 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
19 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
20 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
21 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
22 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
23 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
24 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
25 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
29 ** loginrec.c: platform-independent login recording and lastlog retrieval
33 The new login code explained
34 ============================
36 This code attempts to provide a common interface to login recording
37 (utmp and friends) and last login time retrieval.
39 Its primary means of achieving this is to use 'struct logininfo', a
40 union of all the useful fields in the various different types of
41 system login record structures one finds on UNIX variants.
43 We depend on autoconf to define which recording methods are to be
44 used, and which fields are contained in the relevant data structures
45 on the local system. Many C preprocessor symbols affect which code
48 The code is designed to make it easy to modify a particular
49 recording method, without affecting other methods nor requiring so
50 many nested conditional compilation blocks as were commonplace in
53 For login recording, we try to use the local system's libraries as
54 these are clearly most likely to work correctly. For utmp systems
55 this usually means login() and logout() or setutent() etc., probably
56 in libutil, along with logwtmp() etc. On these systems, we fall back
57 to writing the files directly if we have to, though this method
58 requires very thorough testing so we do not corrupt local auditing
59 information. These files and their access methods are very system
62 For utmpx systems, the corresponding library functions are
63 setutxent() etc. To the author's knowledge, all utmpx systems have
64 these library functions and so no direct write is attempted. If such
65 a system exists and needs support, direct analogues of the [uw]tmp
68 Retrieving the time of last login ('lastlog') is in some ways even
69 more problemmatic than login recording. Some systems provide a
70 simple table of all users which we seek based on uid and retrieve a
71 relatively standard structure. Others record the same information in
72 a directory with a separate file, and others don't record the
73 information separately at all. For systems in the latter category,
74 we look backwards in the wtmp or wtmpx file for the last login entry
75 for our user. Naturally this is slower and on busy systems could
76 incur a significant performance penalty.
81 In OpenSSH all login recording and retrieval is performed in
82 login.c. Here you'll find working examples. Also, in the logintest.c
83 program there are more examples.
85 Internal handler calling method
86 -------------------------------
88 When a call is made to login_login() or login_logout(), both
89 routines set a struct logininfo flag defining which action (log in,
90 or log out) is to be taken. They both then call login_write(), which
91 calls whichever of the many structure-specific handlers autoconf
92 selects for the local system.
94 The handlers themselves handle system data structure specifics. Both
95 struct utmp and struct utmpx have utility functions (see
96 construct_utmp*()) to try to make it simpler to add extra systems
97 that introduce new features to either structure.
99 While it may seem terribly wasteful to replicate so much similar
100 code for each method, experience has shown that maintaining code to
101 write both struct utmp and utmpx in one function, whilst maintaining
102 support for all systems whether they have library support or not, is
103 a difficult and time-consuming task.
105 Lastlog support proceeds similarly. Functions login_get_lastlog()
106 (and its OpenSSH-tuned friend login_get_lastlog_time()) call
107 getlast_entry(), which tries one of three methods to find the last
108 login time. It uses local system lastlog support if it can,
109 otherwise it tries wtmp or wtmpx before giving up and returning 0,
115 In many cases it's possible to tweak autoconf to select the correct
116 methods for a particular platform, either by improving the detection
117 code (best), or by presetting DISABLE_<method> or CONF_<method>_FILE
118 symbols for the platform.
120 Use logintest to check which symbols are defined before modifying
121 configure.ac and loginrec.c. (You have to build logintest yourself
122 with 'make logintest' as it's not built by default.)
124 Otherwise, patches to the specific method(s) are very helpful!
130 ** homegrown ttyslot()
137 ** Linux (Redhat 6.2, Debian)
139 ** HP-UX 10.20 (gcc only)
141 ** NeXT - M68k/HPPA/Sparc (4.2/3.3)
143 ** Testing required: Please send reports!
148 ** Platforms with known problems:
149 ** Some variants of Slackware Linux
153 #include "includes.h"
157 #include "loginrec.h"
159 #include "atomicio.h"
161 RCSID("$Id: loginrec.c,v 1.56 2004/04/08 06:16:06 dtucker Exp $");
167 #ifdef HAVE_LIBUTIL_H
168 # include <libutil.h>
172 ** prototypes for helper functions in this file
176 void set_utmp_time(struct logininfo
*li
, struct utmp
*ut
);
177 void construct_utmp(struct logininfo
*li
, struct utmp
*ut
);
181 void set_utmpx_time(struct logininfo
*li
, struct utmpx
*ut
);
182 void construct_utmpx(struct logininfo
*li
, struct utmpx
*ut
);
185 int utmp_write_entry(struct logininfo
*li
);
186 int utmpx_write_entry(struct logininfo
*li
);
187 int wtmp_write_entry(struct logininfo
*li
);
188 int wtmpx_write_entry(struct logininfo
*li
);
189 int lastlog_write_entry(struct logininfo
*li
);
190 int syslogin_write_entry(struct logininfo
*li
);
192 int getlast_entry(struct logininfo
*li
);
193 int lastlog_get_entry(struct logininfo
*li
);
194 int wtmp_get_entry(struct logininfo
*li
);
195 int wtmpx_get_entry(struct logininfo
*li
);
197 /* pick the shortest string */
198 #define MIN_SIZEOF(s1,s2) ( sizeof(s1) < sizeof(s2) ? sizeof(s1) : sizeof(s2) )
201 ** platform-independent login functions
204 /* login_login(struct logininfo *) -Record a login
206 * Call with a pointer to a struct logininfo initialised with
207 * login_init_entry() or login_alloc_entry()
211 * 0 on failure (will use OpenSSH's logging facilities for diagnostics)
214 login_login (struct logininfo
*li
)
216 li
->type
= LTYPE_LOGIN
;
217 return login_write(li
);
221 /* login_logout(struct logininfo *) - Record a logout
223 * Call as with login_login()
227 * 0 on failure (will use OpenSSH's logging facilities for diagnostics)
230 login_logout(struct logininfo
*li
)
232 li
->type
= LTYPE_LOGOUT
;
233 return login_write(li
);
236 /* login_get_lastlog_time(int) - Retrieve the last login time
238 * Retrieve the last login time for the given uid. Will try to use the
239 * system lastlog facilities if they are available, but will fall back
240 * to looking in wtmp/wtmpx if necessary
243 * 0 on failure, or if user has never logged in
244 * Time in seconds from the epoch if successful
246 * Useful preprocessor symbols:
247 * DISABLE_LASTLOG: If set, *never* even try to retrieve lastlog
249 * USE_LASTLOG: If set, indicates the presence of system lastlog
250 * facilities. If this and DISABLE_LASTLOG are not set,
251 * try to retrieve lastlog information from wtmp/wtmpx.
254 login_get_lastlog_time(const int uid
)
258 if (login_get_lastlog(&li
, uid
))
264 /* login_get_lastlog(struct logininfo *, int) - Retrieve a lastlog entry
266 * Retrieve a logininfo structure populated (only partially) with
267 * information from the system lastlog data, or from wtmp/wtmpx if no
268 * system lastlog information exists.
270 * Note this routine must be given a pre-allocated logininfo.
273 * >0: A pointer to your struct logininfo if successful
274 * 0 on failure (will use OpenSSH's logging facilities for diagnostics)
278 login_get_lastlog(struct logininfo
*li
, const int uid
)
282 memset(li
, '\0', sizeof(*li
));
286 * If we don't have a 'real' lastlog, we need the username to
287 * reliably search wtmp(x) for the last login (see
292 fatal("login_get_lastlog: Cannot find account for uid %i", uid
);
294 /* No MIN_SIZEOF here - we absolutely *must not* truncate the
296 strlcpy(li
->username
, pw
->pw_name
, sizeof(li
->username
));
298 if (getlast_entry(li
))
305 /* login_alloc_entry(int, char*, char*, char*) - Allocate and initialise
306 * a logininfo structure
308 * This function creates a new struct logininfo, a data structure
309 * meant to carry the information required to portably record login info.
311 * Returns a pointer to a newly created struct logininfo. If memory
312 * allocation fails, the program halts.
315 logininfo
*login_alloc_entry(int pid
, const char *username
,
316 const char *hostname
, const char *line
)
318 struct logininfo
*newli
;
320 newli
= (struct logininfo
*) xmalloc (sizeof(*newli
));
321 (void)login_init_entry(newli
, pid
, username
, hostname
, line
);
326 /* login_free_entry(struct logininfo *) - free struct memory */
328 login_free_entry(struct logininfo
*li
)
334 /* login_init_entry(struct logininfo *, int, char*, char*, char*)
335 * - initialise a struct logininfo
337 * Populates a new struct logininfo, a data structure meant to carry
338 * the information required to portably record login info.
343 login_init_entry(struct logininfo
*li
, int pid
, const char *username
,
344 const char *hostname
, const char *line
)
348 memset(li
, 0, sizeof(*li
));
352 /* set the line information */
354 line_fullname(li
->line
, line
, sizeof(li
->line
));
357 strlcpy(li
->username
, username
, sizeof(li
->username
));
358 pw
= getpwnam(li
->username
);
360 fatal("login_init_entry: Cannot find user \"%s\"", li
->username
);
361 li
->uid
= pw
->pw_uid
;
365 strlcpy(li
->hostname
, hostname
, sizeof(li
->hostname
));
370 /* login_set_current_time(struct logininfo *) - set the current time
372 * Set the current time in a logininfo structure. This function is
373 * meant to eliminate the need to deal with system dependencies for
377 login_set_current_time(struct logininfo
*li
)
381 gettimeofday(&tv
, NULL
);
383 li
->tv_sec
= tv
.tv_sec
;
384 li
->tv_usec
= tv
.tv_usec
;
387 /* copy a sockaddr_* into our logininfo */
389 login_set_addr(struct logininfo
*li
, const struct sockaddr
*sa
,
390 const unsigned int sa_size
)
392 unsigned int bufsize
= sa_size
;
394 /* make sure we don't overrun our union */
395 if (sizeof(li
->hostaddr
) < sa_size
)
396 bufsize
= sizeof(li
->hostaddr
);
398 memcpy((void *)&(li
->hostaddr
.sa
), (const void *)sa
, bufsize
);
403 ** login_write: Call low-level recording functions based on autoconf
407 login_write (struct logininfo
*li
)
410 if ((int)geteuid() != 0) {
411 logit("Attempt to write login records by non-root user (aborting)");
416 /* set the timestamp */
417 login_set_current_time(li
);
419 syslogin_write_entry(li
);
422 if (li
->type
== LTYPE_LOGIN
) {
423 lastlog_write_entry(li
);
427 utmp_write_entry(li
);
430 wtmp_write_entry(li
);
433 utmpx_write_entry(li
);
436 wtmpx_write_entry(li
);
441 #ifdef LOGIN_NEEDS_UTMPX
443 login_utmp_only(struct logininfo
*li
)
445 li
->type
= LTYPE_LOGIN
;
446 login_set_current_time(li
);
448 utmp_write_entry(li
);
451 wtmp_write_entry(li
);
454 utmpx_write_entry(li
);
457 wtmpx_write_entry(li
);
464 ** getlast_entry: Call low-level functions to retrieve the last login
468 /* take the uid in li and return the last login time */
470 getlast_entry(struct logininfo
*li
)
473 return(lastlog_get_entry(li
));
474 #else /* !USE_LASTLOG */
476 #ifdef DISABLE_LASTLOG
477 /* On some systems we shouldn't even try to obtain last login
480 # else /* DISABLE_LASTLOG */
481 /* Try to retrieve the last login time from wtmp */
482 # if defined(USE_WTMP) && (defined(HAVE_TIME_IN_UTMP) || defined(HAVE_TV_IN_UTMP))
483 /* retrieve last login time from utmp */
484 return (wtmp_get_entry(li
));
485 # else /* defined(USE_WTMP) && (defined(HAVE_TIME_IN_UTMP) || defined(HAVE_TV_IN_UTMP)) */
486 /* If wtmp isn't available, try wtmpx */
487 # if defined(USE_WTMPX) && (defined(HAVE_TIME_IN_UTMPX) || defined(HAVE_TV_IN_UTMPX))
488 /* retrieve last login time from utmpx */
489 return (wtmpx_get_entry(li
));
491 /* Give up: No means of retrieving last login time */
493 # endif /* USE_WTMPX && (HAVE_TIME_IN_UTMPX || HAVE_TV_IN_UTMPX) */
494 # endif /* USE_WTMP && (HAVE_TIME_IN_UTMP || HAVE_TV_IN_UTMP) */
495 # endif /* DISABLE_LASTLOG */
496 #endif /* USE_LASTLOG */
502 * 'line' string utility functions
504 * These functions process the 'line' string into one of three forms:
506 * 1. The full filename (including '/dev')
507 * 2. The stripped name (excluding '/dev')
508 * 3. The abbreviated name (e.g. /dev/ttyp00 -> yp00
509 * /dev/pts/1 -> ts/1 )
511 * Form 3 is used on some systems to identify a .tmp.? entry when
512 * attempting to remove it. Typically both addition and removal is
513 * performed by one application - say, sshd - so as long as the choice
514 * uniquely identifies a terminal it's ok.
518 /* line_fullname(): add the leading '/dev/' if it doesn't exist make
519 * sure dst has enough space, if not just copy src (ugh) */
521 line_fullname(char *dst
, const char *src
, int dstsize
)
523 memset(dst
, '\0', dstsize
);
524 if ((strncmp(src
, "/dev/", 5) == 0) || (dstsize
< (strlen(src
) + 5))) {
525 strlcpy(dst
, src
, dstsize
);
527 strlcpy(dst
, "/dev/", dstsize
);
528 strlcat(dst
, src
, dstsize
);
533 /* line_stripname(): strip the leading '/dev' if it exists, return dst */
535 line_stripname(char *dst
, const char *src
, int dstsize
)
537 memset(dst
, '\0', dstsize
);
538 if (strncmp(src
, "/dev/", 5) == 0)
539 strlcpy(dst
, src
+ 5, dstsize
);
541 strlcpy(dst
, src
, dstsize
);
545 /* line_abbrevname(): Return the abbreviated (usually four-character)
546 * form of the line (Just use the last <dstsize> characters of the
549 * NOTE: use strncpy because we do NOT necessarily want zero
552 line_abbrevname(char *dst
, const char *src
, int dstsize
)
556 memset(dst
, '\0', dstsize
);
558 /* Always skip prefix if present */
559 if (strncmp(src
, "/dev/", 5) == 0)
562 #ifdef WITH_ABBREV_NO_TTY
563 if (strncmp(src
, "tty", 3) == 0)
570 if (((int)len
- dstsize
) > 0)
571 src
+= ((int)len
- dstsize
);
573 /* note: _don't_ change this to strlcpy */
574 strncpy(dst
, src
, (size_t)dstsize
);
581 ** utmp utility functions
583 ** These functions manipulate struct utmp, taking system differences
587 #if defined(USE_UTMP) || defined (USE_WTMP) || defined (USE_LOGIN)
589 /* build the utmp structure */
591 set_utmp_time(struct logininfo
*li
, struct utmp
*ut
)
593 # ifdef HAVE_TV_IN_UTMP
594 ut
->ut_tv
.tv_sec
= li
->tv_sec
;
595 ut
->ut_tv
.tv_usec
= li
->tv_usec
;
597 # ifdef HAVE_TIME_IN_UTMP
598 ut
->ut_time
= li
->tv_sec
;
604 construct_utmp(struct logininfo
*li
,
607 # ifdef HAVE_ADDR_V6_IN_UTMP
608 struct sockaddr_in6
*sa6
;
610 memset(ut
, '\0', sizeof(*ut
));
612 /* First fill out fields used for both logins and logouts */
614 # ifdef HAVE_ID_IN_UTMP
615 line_abbrevname(ut
->ut_id
, li
->line
, sizeof(ut
->ut_id
));
618 # ifdef HAVE_TYPE_IN_UTMP
619 /* This is done here to keep utmp constants out of struct logininfo */
622 ut
->ut_type
= USER_PROCESS
;
628 ut
->ut_type
= DEAD_PROCESS
;
630 cray_retain_utmp(ut
, li
->pid
);
635 set_utmp_time(li
, ut
);
637 line_stripname(ut
->ut_line
, li
->line
, sizeof(ut
->ut_line
));
639 # ifdef HAVE_PID_IN_UTMP
640 ut
->ut_pid
= li
->pid
;
643 /* If we're logging out, leave all other fields blank */
644 if (li
->type
== LTYPE_LOGOUT
)
648 * These fields are only used when logging in, and are blank
652 /* Use strncpy because we don't necessarily want null termination */
653 strncpy(ut
->ut_name
, li
->username
, MIN_SIZEOF(ut
->ut_name
, li
->username
));
654 # ifdef HAVE_HOST_IN_UTMP
655 strncpy(ut
->ut_host
, li
->hostname
, MIN_SIZEOF(ut
->ut_host
, li
->hostname
));
657 # ifdef HAVE_ADDR_IN_UTMP
658 /* this is just a 32-bit IP address */
659 if (li
->hostaddr
.sa
.sa_family
== AF_INET
)
660 ut
->ut_addr
= li
->hostaddr
.sa_in
.sin_addr
.s_addr
;
662 # ifdef HAVE_ADDR_V6_IN_UTMP
663 /* this is just a 128-bit IPv6 address */
664 if (li
->hostaddr
.sa
.sa_family
== AF_INET6
) {
665 sa6
= ((struct sockaddr_in6
*)&li
->hostaddr
.sa
);
666 memcpy(ut
->ut_addr_v6
, sa6
->sin6_addr
.s6_addr
, 16);
667 if (IN6_IS_ADDR_V4MAPPED(&sa6
->sin6_addr
)) {
668 ut
->ut_addr_v6
[0] = ut
->ut_addr_v6
[3];
669 ut
->ut_addr_v6
[1] = 0;
670 ut
->ut_addr_v6
[2] = 0;
671 ut
->ut_addr_v6
[3] = 0;
676 #endif /* USE_UTMP || USE_WTMP || USE_LOGIN */
679 ** utmpx utility functions
681 ** These functions manipulate struct utmpx, accounting for system
685 #if defined(USE_UTMPX) || defined (USE_WTMPX)
686 /* build the utmpx structure */
688 set_utmpx_time(struct logininfo
*li
, struct utmpx
*utx
)
690 # ifdef HAVE_TV_IN_UTMPX
691 utx
->ut_tv
.tv_sec
= li
->tv_sec
;
692 utx
->ut_tv
.tv_usec
= li
->tv_usec
;
693 # else /* HAVE_TV_IN_UTMPX */
694 # ifdef HAVE_TIME_IN_UTMPX
695 utx
->ut_time
= li
->tv_sec
;
696 # endif /* HAVE_TIME_IN_UTMPX */
697 # endif /* HAVE_TV_IN_UTMPX */
701 construct_utmpx(struct logininfo
*li
, struct utmpx
*utx
)
703 # ifdef HAVE_ADDR_V6_IN_UTMP
704 struct sockaddr_in6
*sa6
;
706 memset(utx
, '\0', sizeof(*utx
));
707 # ifdef HAVE_ID_IN_UTMPX
708 line_abbrevname(utx
->ut_id
, li
->line
, sizeof(utx
->ut_id
));
711 /* this is done here to keep utmp constants out of loginrec.h */
714 utx
->ut_type
= USER_PROCESS
;
717 utx
->ut_type
= DEAD_PROCESS
;
720 line_stripname(utx
->ut_line
, li
->line
, sizeof(utx
->ut_line
));
721 set_utmpx_time(li
, utx
);
722 utx
->ut_pid
= li
->pid
;
723 /* strncpy(): Don't necessarily want null termination */
724 strncpy(utx
->ut_name
, li
->username
, MIN_SIZEOF(utx
->ut_name
, li
->username
));
726 if (li
->type
== LTYPE_LOGOUT
)
730 * These fields are only used when logging in, and are blank
734 # ifdef HAVE_HOST_IN_UTMPX
735 strncpy(utx
->ut_host
, li
->hostname
, MIN_SIZEOF(utx
->ut_host
, li
->hostname
));
737 # ifdef HAVE_ADDR_IN_UTMPX
738 /* this is just a 32-bit IP address */
739 if (li
->hostaddr
.sa
.sa_family
== AF_INET
)
740 utx
->ut_addr
= li
->hostaddr
.sa_in
.sin_addr
.s_addr
;
742 # ifdef HAVE_ADDR_V6_IN_UTMP
743 /* this is just a 128-bit IPv6 address */
744 if (li
->hostaddr
.sa
.sa_family
== AF_INET6
) {
745 sa6
= ((struct sockaddr_in6
*)&li
->hostaddr
.sa
);
746 memcpy(ut
->ut_addr_v6
, sa6
->sin6_addr
.s6_addr
, 16);
747 if (IN6_IS_ADDR_V4MAPPED(&sa6
->sin6_addr
)) {
748 ut
->ut_addr_v6
[0] = ut
->ut_addr_v6
[3];
749 ut
->ut_addr_v6
[1] = 0;
750 ut
->ut_addr_v6
[2] = 0;
751 ut
->ut_addr_v6
[3] = 0;
755 # ifdef HAVE_SYSLEN_IN_UTMPX
756 /* ut_syslen is the length of the utx_host string */
757 utx
->ut_syslen
= MIN(strlen(li
->hostname
), sizeof(utx
->ut_host
));
760 #endif /* USE_UTMPX || USE_WTMPX */
763 ** Low-level utmp functions
766 /* FIXME: (ATL) utmp_write_direct needs testing */
769 /* if we can, use pututline() etc. */
770 # if !defined(DISABLE_PUTUTLINE) && defined(HAVE_SETUTENT) && \
771 defined(HAVE_PUTUTLINE)
772 # define UTMP_USE_LIBRARY
776 /* write a utmp entry with the system's help (pututline() and pals) */
777 # ifdef UTMP_USE_LIBRARY
779 utmp_write_library(struct logininfo
*li
, struct utmp
*ut
)
784 # ifdef HAVE_ENDUTENT
789 # else /* UTMP_USE_LIBRARY */
791 /* write a utmp entry direct to the file */
792 /* This is a slightly modification of code in OpenBSD's login.c */
794 utmp_write_direct(struct logininfo
*li
, struct utmp
*ut
)
800 /* FIXME: (ATL) ttyslot() needs local implementation */
802 #if defined(HAVE_GETTTYENT)
803 register struct ttyent
*ty
;
808 while ((struct ttyent
*)0 != (ty
= getttyent())) {
810 if (!strncmp(ty
->ty_name
, ut
->ut_line
, sizeof(ut
->ut_line
)))
815 if((struct ttyent
*)0 == ty
) {
816 logit("utmp_write_entry: tty not found");
821 tty
= ttyslot(); /* seems only to work for /dev/ttyp? style names */
823 #endif /* HAVE_GETTTYENT */
825 if (tty
> 0 && (fd
= open(UTMP_FILE
, O_RDWR
|O_CREAT
, 0644)) >= 0) {
826 (void)lseek(fd
, (off_t
)(tty
* sizeof(struct utmp
)), SEEK_SET
);
828 * Prevent luser from zero'ing out ut_host.
829 * If the new ut_line is empty but the old one is not
830 * and ut_line and ut_name match, preserve the old ut_line.
832 if (atomicio(read
, fd
, &old_ut
, sizeof(old_ut
)) == sizeof(old_ut
) &&
833 (ut
->ut_host
[0] == '\0') && (old_ut
.ut_host
[0] != '\0') &&
834 (strncmp(old_ut
.ut_line
, ut
->ut_line
, sizeof(ut
->ut_line
)) == 0) &&
835 (strncmp(old_ut
.ut_name
, ut
->ut_name
, sizeof(ut
->ut_name
)) == 0)) {
836 (void)memcpy(ut
->ut_host
, old_ut
.ut_host
, sizeof(ut
->ut_host
));
839 (void)lseek(fd
, (off_t
)(tty
* sizeof(struct utmp
)), SEEK_SET
);
840 if (atomicio(vwrite
, fd
, ut
, sizeof(*ut
)) != sizeof(*ut
))
841 logit("utmp_write_direct: error writing %s: %s",
842 UTMP_FILE
, strerror(errno
));
850 # endif /* UTMP_USE_LIBRARY */
853 utmp_perform_login(struct logininfo
*li
)
857 construct_utmp(li
, &ut
);
858 # ifdef UTMP_USE_LIBRARY
859 if (!utmp_write_library(li
, &ut
)) {
860 logit("utmp_perform_login: utmp_write_library() failed");
864 if (!utmp_write_direct(li
, &ut
)) {
865 logit("utmp_perform_login: utmp_write_direct() failed");
874 utmp_perform_logout(struct logininfo
*li
)
878 construct_utmp(li
, &ut
);
879 # ifdef UTMP_USE_LIBRARY
880 if (!utmp_write_library(li
, &ut
)) {
881 logit("utmp_perform_logout: utmp_write_library() failed");
885 if (!utmp_write_direct(li
, &ut
)) {
886 logit("utmp_perform_logout: utmp_write_direct() failed");
895 utmp_write_entry(struct logininfo
*li
)
899 return utmp_perform_login(li
);
902 return utmp_perform_logout(li
);
905 logit("utmp_write_entry: invalid type field");
909 #endif /* USE_UTMP */
913 ** Low-level utmpx functions
916 /* not much point if we don't want utmpx entries */
919 /* if we have the wherewithall, use pututxline etc. */
920 # if !defined(DISABLE_PUTUTXLINE) && defined(HAVE_SETUTXENT) && \
921 defined(HAVE_PUTUTXLINE)
922 # define UTMPX_USE_LIBRARY
926 /* write a utmpx entry with the system's help (pututxline() and pals) */
927 # ifdef UTMPX_USE_LIBRARY
929 utmpx_write_library(struct logininfo
*li
, struct utmpx
*utx
)
934 # ifdef HAVE_ENDUTXENT
940 # else /* UTMPX_USE_LIBRARY */
942 /* write a utmp entry direct to the file */
944 utmpx_write_direct(struct logininfo
*li
, struct utmpx
*utx
)
946 logit("utmpx_write_direct: not implemented!");
949 # endif /* UTMPX_USE_LIBRARY */
952 utmpx_perform_login(struct logininfo
*li
)
956 construct_utmpx(li
, &utx
);
957 # ifdef UTMPX_USE_LIBRARY
958 if (!utmpx_write_library(li
, &utx
)) {
959 logit("utmpx_perform_login: utmp_write_library() failed");
963 if (!utmpx_write_direct(li
, &ut
)) {
964 logit("utmpx_perform_login: utmp_write_direct() failed");
973 utmpx_perform_logout(struct logininfo
*li
)
977 construct_utmpx(li
, &utx
);
978 # ifdef HAVE_ID_IN_UTMPX
979 line_abbrevname(utx
.ut_id
, li
->line
, sizeof(utx
.ut_id
));
981 # ifdef HAVE_TYPE_IN_UTMPX
982 utx
.ut_type
= DEAD_PROCESS
;
985 # ifdef UTMPX_USE_LIBRARY
986 utmpx_write_library(li
, &utx
);
988 utmpx_write_direct(li
, &utx
);
994 utmpx_write_entry(struct logininfo
*li
)
998 return utmpx_perform_login(li
);
1000 return utmpx_perform_logout(li
);
1002 logit("utmpx_write_entry: invalid type field");
1006 #endif /* USE_UTMPX */
1010 ** Low-level wtmp functions
1015 /* write a wtmp entry direct to the end of the file */
1016 /* This is a slight modification of code in OpenBSD's logwtmp.c */
1018 wtmp_write(struct logininfo
*li
, struct utmp
*ut
)
1023 if ((fd
= open(WTMP_FILE
, O_WRONLY
|O_APPEND
, 0)) < 0) {
1024 logit("wtmp_write: problem writing %s: %s",
1025 WTMP_FILE
, strerror(errno
));
1028 if (fstat(fd
, &buf
) == 0)
1029 if (atomicio(vwrite
, fd
, ut
, sizeof(*ut
)) != sizeof(*ut
)) {
1030 ftruncate(fd
, buf
.st_size
);
1031 logit("wtmp_write: problem writing %s: %s",
1032 WTMP_FILE
, strerror(errno
));
1040 wtmp_perform_login(struct logininfo
*li
)
1044 construct_utmp(li
, &ut
);
1045 return wtmp_write(li
, &ut
);
1050 wtmp_perform_logout(struct logininfo
*li
)
1054 construct_utmp(li
, &ut
);
1055 return wtmp_write(li
, &ut
);
1060 wtmp_write_entry(struct logininfo
*li
)
1064 return wtmp_perform_login(li
);
1066 return wtmp_perform_logout(li
);
1068 logit("wtmp_write_entry: invalid type field");
1074 /* Notes on fetching login data from wtmp/wtmpx
1076 * Logouts are usually recorded with (amongst other things) a blank
1077 * username on a given tty line. However, some systems (HP-UX is one)
1078 * leave all fields set, but change the ut_type field to DEAD_PROCESS.
1080 * Since we're only looking for logins here, we know that the username
1081 * must be set correctly. On systems that leave it in, we check for
1082 * ut_type==USER_PROCESS (indicating a login.)
1084 * Portability: Some systems may set something other than USER_PROCESS
1085 * to indicate a login process. I don't know of any as I write. Also,
1086 * it's possible that some systems may both leave the username in
1087 * place and not have ut_type.
1090 /* return true if this wtmp entry indicates a login */
1092 wtmp_islogin(struct logininfo
*li
, struct utmp
*ut
)
1094 if (strncmp(li
->username
, ut
->ut_name
,
1095 MIN_SIZEOF(li
->username
, ut
->ut_name
)) == 0) {
1096 # ifdef HAVE_TYPE_IN_UTMP
1097 if (ut
->ut_type
& USER_PROCESS
)
1107 wtmp_get_entry(struct logininfo
*li
)
1113 /* Clear the time entries in our logininfo */
1114 li
->tv_sec
= li
->tv_usec
= 0;
1116 if ((fd
= open(WTMP_FILE
, O_RDONLY
)) < 0) {
1117 logit("wtmp_get_entry: problem opening %s: %s",
1118 WTMP_FILE
, strerror(errno
));
1121 if (fstat(fd
, &st
) != 0) {
1122 logit("wtmp_get_entry: couldn't stat %s: %s",
1123 WTMP_FILE
, strerror(errno
));
1128 /* Seek to the start of the last struct utmp */
1129 if (lseek(fd
, -(off_t
)sizeof(struct utmp
), SEEK_END
) == -1) {
1130 /* Looks like we've got a fresh wtmp file */
1136 if (atomicio(read
, fd
, &ut
, sizeof(ut
)) != sizeof(ut
)) {
1137 logit("wtmp_get_entry: read of %s failed: %s",
1138 WTMP_FILE
, strerror(errno
));
1142 if ( wtmp_islogin(li
, &ut
) ) {
1144 /* We've already checked for a time in struct
1145 * utmp, in login_getlast(). */
1146 # ifdef HAVE_TIME_IN_UTMP
1147 li
->tv_sec
= ut
.ut_time
;
1149 # if HAVE_TV_IN_UTMP
1150 li
->tv_sec
= ut
.ut_tv
.tv_sec
;
1153 line_fullname(li
->line
, ut
.ut_line
,
1154 MIN_SIZEOF(li
->line
, ut
.ut_line
));
1155 # ifdef HAVE_HOST_IN_UTMP
1156 strlcpy(li
->hostname
, ut
.ut_host
,
1157 MIN_SIZEOF(li
->hostname
, ut
.ut_host
));
1161 /* Seek back 2 x struct utmp */
1162 if (lseek(fd
, -(off_t
)(2 * sizeof(struct utmp
)), SEEK_CUR
) == -1) {
1163 /* We've found the start of the file, so quit */
1169 /* We found an entry. Tidy up and return */
1173 # endif /* USE_WTMP */
1177 ** Low-level wtmpx functions
1181 /* write a wtmpx entry direct to the end of the file */
1182 /* This is a slight modification of code in OpenBSD's logwtmp.c */
1184 wtmpx_write(struct logininfo
*li
, struct utmpx
*utx
)
1186 #ifndef HAVE_UPDWTMPX
1190 if ((fd
= open(WTMPX_FILE
, O_WRONLY
|O_APPEND
, 0)) < 0) {
1191 logit("wtmpx_write: problem opening %s: %s",
1192 WTMPX_FILE
, strerror(errno
));
1196 if (fstat(fd
, &buf
) == 0)
1197 if (atomicio(vwrite
, fd
, utx
, sizeof(*utx
)) != sizeof(*utx
)) {
1198 ftruncate(fd
, buf
.st_size
);
1199 logit("wtmpx_write: problem writing %s: %s",
1200 WTMPX_FILE
, strerror(errno
));
1207 updwtmpx(WTMPX_FILE
, utx
);
1214 wtmpx_perform_login(struct logininfo
*li
)
1218 construct_utmpx(li
, &utx
);
1219 return wtmpx_write(li
, &utx
);
1224 wtmpx_perform_logout(struct logininfo
*li
)
1228 construct_utmpx(li
, &utx
);
1229 return wtmpx_write(li
, &utx
);
1234 wtmpx_write_entry(struct logininfo
*li
)
1238 return wtmpx_perform_login(li
);
1240 return wtmpx_perform_logout(li
);
1242 logit("wtmpx_write_entry: invalid type field");
1247 /* Please see the notes above wtmp_islogin() for information about the
1248 next two functions */
1250 /* Return true if this wtmpx entry indicates a login */
1252 wtmpx_islogin(struct logininfo
*li
, struct utmpx
*utx
)
1254 if ( strncmp(li
->username
, utx
->ut_name
,
1255 MIN_SIZEOF(li
->username
, utx
->ut_name
)) == 0 ) {
1256 # ifdef HAVE_TYPE_IN_UTMPX
1257 if (utx
->ut_type
== USER_PROCESS
)
1268 wtmpx_get_entry(struct logininfo
*li
)
1274 /* Clear the time entries */
1275 li
->tv_sec
= li
->tv_usec
= 0;
1277 if ((fd
= open(WTMPX_FILE
, O_RDONLY
)) < 0) {
1278 logit("wtmpx_get_entry: problem opening %s: %s",
1279 WTMPX_FILE
, strerror(errno
));
1282 if (fstat(fd
, &st
) != 0) {
1283 logit("wtmpx_get_entry: couldn't stat %s: %s",
1284 WTMPX_FILE
, strerror(errno
));
1289 /* Seek to the start of the last struct utmpx */
1290 if (lseek(fd
, -(off_t
)sizeof(struct utmpx
), SEEK_END
) == -1 ) {
1291 /* probably a newly rotated wtmpx file */
1297 if (atomicio(read
, fd
, &utx
, sizeof(utx
)) != sizeof(utx
)) {
1298 logit("wtmpx_get_entry: read of %s failed: %s",
1299 WTMPX_FILE
, strerror(errno
));
1303 /* Logouts are recorded as a blank username on a particular line.
1304 * So, we just need to find the username in struct utmpx */
1305 if ( wtmpx_islogin(li
, &utx
) ) {
1307 # ifdef HAVE_TV_IN_UTMPX
1308 li
->tv_sec
= utx
.ut_tv
.tv_sec
;
1310 # ifdef HAVE_TIME_IN_UTMPX
1311 li
->tv_sec
= utx
.ut_time
;
1314 line_fullname(li
->line
, utx
.ut_line
, sizeof(li
->line
));
1315 # ifdef HAVE_HOST_IN_UTMPX
1316 strlcpy(li
->hostname
, utx
.ut_host
,
1317 MIN_SIZEOF(li
->hostname
, utx
.ut_host
));
1321 if (lseek(fd
, -(off_t
)(2 * sizeof(struct utmpx
)), SEEK_CUR
) == -1) {
1330 #endif /* USE_WTMPX */
1333 ** Low-level libutil login() functions
1338 syslogin_perform_login(struct logininfo
*li
)
1342 if (! (ut
= (struct utmp
*)malloc(sizeof(*ut
)))) {
1343 logit("syslogin_perform_login: couldn't malloc()");
1346 construct_utmp(li
, ut
);
1354 syslogin_perform_logout(struct logininfo
*li
)
1357 char line
[UT_LINESIZE
];
1359 (void)line_stripname(line
, li
->line
, sizeof(line
));
1361 if (!logout(line
)) {
1362 logit("syslogin_perform_logout: logout() returned an error");
1363 # ifdef HAVE_LOGWTMP
1365 logwtmp(line
, "", "");
1368 /* FIXME: (ATL - if the need arises) What to do if we have
1369 * login, but no logout? what if logout but no logwtmp? All
1370 * routines are in libutil so they should all be there,
1377 syslogin_write_entry(struct logininfo
*li
)
1381 return syslogin_perform_login(li
);
1383 return syslogin_perform_logout(li
);
1385 logit("syslogin_write_entry: Invalid type field");
1389 #endif /* USE_LOGIN */
1391 /* end of file log-syslogin.c */
1394 ** Low-level lastlog functions
1403 lastlog_construct(struct logininfo
*li
, struct lastlog
*last
)
1405 /* clear the structure */
1406 memset(last
, '\0', sizeof(*last
));
1408 (void)line_stripname(last
->ll_line
, li
->line
, sizeof(last
->ll_line
));
1409 strlcpy(last
->ll_host
, li
->hostname
,
1410 MIN_SIZEOF(last
->ll_host
, li
->hostname
));
1411 last
->ll_time
= li
->tv_sec
;
1415 lastlog_filetype(char *filename
)
1419 if (stat(LASTLOG_FILE
, &st
) != 0) {
1420 logit("lastlog_perform_login: Couldn't stat %s: %s", LASTLOG_FILE
,
1424 if (S_ISDIR(st
.st_mode
))
1426 else if (S_ISREG(st
.st_mode
))
1433 /* open the file (using filemode) and seek to the login entry */
1435 lastlog_openseek(struct logininfo
*li
, int *fd
, int filemode
)
1439 char lastlog_file
[1024];
1441 type
= lastlog_filetype(LASTLOG_FILE
);
1444 strlcpy(lastlog_file
, LASTLOG_FILE
, sizeof(lastlog_file
));
1447 snprintf(lastlog_file
, sizeof(lastlog_file
), "%s/%s",
1448 LASTLOG_FILE
, li
->username
);
1451 logit("lastlog_openseek: %.100s is not a file or directory!",
1456 *fd
= open(lastlog_file
, filemode
, 0600);
1458 debug("lastlog_openseek: Couldn't open %s: %s",
1459 lastlog_file
, strerror(errno
));
1463 if (type
== LL_FILE
) {
1464 /* find this uid's offset in the lastlog file */
1465 offset
= (off_t
) ((long)li
->uid
* sizeof(struct lastlog
));
1467 if ( lseek(*fd
, offset
, SEEK_SET
) != offset
) {
1468 logit("lastlog_openseek: %s->lseek(): %s",
1469 lastlog_file
, strerror(errno
));
1478 lastlog_perform_login(struct logininfo
*li
)
1480 struct lastlog last
;
1483 /* create our struct lastlog */
1484 lastlog_construct(li
, &last
);
1486 if (!lastlog_openseek(li
, &fd
, O_RDWR
|O_CREAT
))
1489 /* write the entry */
1490 if (atomicio(vwrite
, fd
, &last
, sizeof(last
)) != sizeof(last
)) {
1492 logit("lastlog_write_filemode: Error writing to %s: %s",
1493 LASTLOG_FILE
, strerror(errno
));
1502 lastlog_write_entry(struct logininfo
*li
)
1506 return lastlog_perform_login(li
);
1508 logit("lastlog_write_entry: Invalid type field");
1514 lastlog_populate_entry(struct logininfo
*li
, struct lastlog
*last
)
1516 line_fullname(li
->line
, last
->ll_line
, sizeof(li
->line
));
1517 strlcpy(li
->hostname
, last
->ll_host
,
1518 MIN_SIZEOF(li
->hostname
, last
->ll_host
));
1519 li
->tv_sec
= last
->ll_time
;
1523 lastlog_get_entry(struct logininfo
*li
)
1525 struct lastlog last
;
1528 if (!lastlog_openseek(li
, &fd
, O_RDONLY
))
1531 ret
= atomicio(read
, fd
, &last
, sizeof(last
));
1536 memset(&last
, '\0', sizeof(last
));
1539 lastlog_populate_entry(li
, &last
);
1542 error("%s: Error reading from %s: %s", __func__
,
1543 LASTLOG_FILE
, strerror(errno
));
1546 error("%s: Error reading from %s: Expecting %d, got %d",
1547 __func__
, LASTLOG_FILE
, sizeof(last
), ret
);
1554 #endif /* USE_LASTLOG */