William R. Knox
2001-Nov-15 15:09 UTC
Patch for "last" providing incorrect information on Solaris 8
I have put together a simple set of diffs that corrects the problem described by Steven Fishback <sfishback at interpath.net> on 10-30 on this list regarding incorrect information reported by last on Solaris. The patches merely pass along the username in the utmpx record for a logout. Is there any reason why this would be a problem with other OSes? If not, maybe this could be rolled into the port. If so, diddling with configure would be the next step. Any ideas? The diffs are against 3.0p1, by the way. Bill Knox Senior Operating Systems Programmer/Analyst The MITRE Corporation -------------- next part -------------- --- loginrec.c.orig Thu Nov 15 09:35:02 2001 +++ loginrec.c Thu Nov 15 09:38:01 2001 @@ -701,6 +701,7 @@ line_stripname(utx->ut_line, li->line, sizeof(utx->ut_line)); set_utmpx_time(li, utx); utx->ut_pid = li->pid; + strncpy(utx->ut_name, li->username, MIN_SIZEOF(utx->ut_name, li->username)); if (li->type == LTYPE_LOGOUT) return; @@ -711,7 +712,6 @@ */ /* strncpy(): Don't necessarily want null termination */ - strncpy(utx->ut_name, li->username, MIN_SIZEOF(utx->ut_name, li->username)); # ifdef HAVE_HOST_IN_UTMPX strncpy(utx->ut_host, li->hostname, MIN_SIZEOF(utx->ut_host, li->hostname)); # endif @@ -942,9 +942,7 @@ { struct utmpx utx; - memset(&utx, '\0', sizeof(utx)); - set_utmpx_time(li, &utx); - line_stripname(utx.ut_line, li->line, sizeof(utx.ut_line)); + construct_utmpx(li, &utx); # ifdef HAVE_ID_IN_UTMPX line_abbrevname(utx.ut_id, li->line, sizeof(utx.ut_id)); # endif --- session.c.orig Thu Nov 15 09:35:02 2001 +++ session.c Thu Nov 15 09:38:01 2001 @@ -1856,7 +1856,7 @@ /* Record that the user has logged out. */ if (s->pid != 0) - record_logout(s->pid, s->tty); + record_logout(s->pid, s->tty, s->pw->pw_name); /* Release the pseudo-tty. */ pty_release(s->tty); --- sshlogin.c.orig Thu Nov 15 09:35:02 2001 +++ sshlogin.c Thu Nov 15 09:38:01 2001 @@ -94,11 +94,11 @@ /* Records that the user has logged out. */ void -record_logout(pid_t pid, const char *ttyname) +record_logout(pid_t pid, const char *ttyname, const char *user) { struct logininfo *li; - li = login_alloc_entry(pid, NULL, NULL, ttyname); + li = login_alloc_entry(pid, user, NULL, ttyname); login_logout(li); login_free_entry(li); } --- sshlogin.h.orig Thu Nov 15 09:35:02 2001 +++ sshlogin.h Thu Nov 15 09:38:01 2001 @@ -17,7 +17,7 @@ void record_login(pid_t, const char *, const char *, uid_t, const char *, struct sockaddr *); -void record_logout(pid_t, const char *); +void record_logout(pid_t, const char *, const char *); u_long get_last_login_time(uid_t, const char *, char *, u_int); #endif
Loomis, Rip
2001-Nov-15 16:32 UTC
Patch for "last" providing incorrect information on Solaris 8
If we enhance record_logout to include the username as a passed parameter, it will also help me greatly in getting the Solaris auditing (BSM) support working. (In fact, I was just about to propose it to the list-- it's a non-trivial divergence between the OpenBSD version and Portable, but it's really necessary for BSM.) I would therefore strongly recommend that these patches get rolled into OpenSSH ASAP--since I need to "diddle with configure" already for the BSM parts, I'm going to incorporate these patches into my temporarily-divergent codebase and work on a combined patch. -- Rip Loomis Senior Systems Security Engineer SAIC Center for Information Security Technology> -----Original Message----- > From: William R. Knox [mailto:wknox at mitre.org] > Sent: Thursday, 15 November, 2001 10:10 > To: openssh-unix-dev at mindrot.org > Subject: Patch for "last" providing incorrect information on Solaris 8 > > > I have put together a simple set of diffs that corrects the problem > described by Steven Fishback <sfishback at interpath.net> on > 10-30 on this > list regarding incorrect information reported by last on Solaris. The > patches merely pass along the username in the utmpx record > for a logout. > Is there any reason why this would be a problem with other > OSes? If not, > maybe this could be rolled into the port. If so, diddling > with configure > would be the next step. Any ideas? The diffs are against 3.0p1, by the > way. > > Bill Knox > Senior Operating Systems Programmer/Analyst > The MITRE Corporation >