openssh unix dev - Aug 2002 - [Bug 378] New: sshd does not update utmp/utmpx records correctly when "UseLogin" feature on

http://bugzilla.mindrot.org/show_bug.cgi?id=378

           Summary:                        sshd does not update utmp/utmpx
                    records correctly when "UseLogin" feature on
           Product: Portable OpenSSH
           Version: -current
          Platform: MIPS
        OS/Version: IRIX
            Status: NEW
          Severity: normal
          Priority: P2
         Component: sshd
        AssignedTo: openssh-unix-dev at mindrot.org
        ReportedBy: drk at sgi.com


A customer called in complaining that when he logs into an Irix system
 using ssh and the irix system runs any flavor of sshd, that who/finger type
 utilities do not see his login, thus preventing himself as well
 as others to see who is logged in.  The customer was using different
 levels of Irix and the latest openssh he used was 3.4p1.

 The kicker here is that he had the "UseLogin" feature turned on, i.e.
 via the sshd_config file.  I guess this causes a double login, i.e.
 the password is asked for twice in order to create some type
 of AFS token.  Anyway, not using this feature, the utmp/utmpx
 records get created correctly but when the feature is on,
 the utmp/utmpx records do not get updated correctly.

 I did some testing and found the following.

 sshd via session.c and loginrec.c do all the login
 prep work as well are responsible to update the utmp/utmpx
 accounting files.  Based on what sshd writes into the
 utmp/utmpx records, Irix's login/scheme code will
 update it with some other info.  However, since the
 records were not updated properly by sshd, login/scheme
 basically ignores updating the records.  I'll explain why
 below.

 -in the utmp/utmpx records, there is field, ut_type
 that records what state the record/user is in, i.e.

 #define EMPTY           0
 #define RUN_LVL         1
 #define BOOT_TIME       2
 #define OLD_TIME        3
 #define NEW_TIME        4
 #define INIT_PROCESS    5       /* Process spawned by "init" */
 #define LOGIN_PROCESS   6       /* A "getty" process waiting for
login */
 #define USER_PROCESS    7       /* A user process */
 #define DEAD_PROCESS    8
 #define ACCOUNTING      9


 sshd is supposed to put the records, both utmp and utmpx,
 into the USER_PROCESS state.  In the case where you do not use the
 "UseLogin yes", only one login/passwd is issued, it works properly,
 i.e. sshd places the record(s) into USER_PROCESS state and
 login/scheme sees that they are valid and updates the record(s).
 Utilities like who/finger/last work properly.
 In the case where you do use "UseLogin yes", which causes 
 sshd to login twice, session.c uses different logic where
 it does not call the proper routines in loginrec.c to
 update the utmp/utmpx records with the proper state, i.e.
 it does not update the records to USER_PROCESS state.
 In fact, it does not touch this field, i.e. they are 0
 or maybe set to DEAD_PROCESS but for sure it does not set
 the field to USER_PROCESS.

 Now when Irix's login/scheme sees these records and does not
 find the state to be either USER_PROCESS or INIT_PROCESS,
 it does not update some of the other fields.....but no big deal.
 The utilities like who/finger/last only look at ut_type to see
 if the user is active but if they do not see USER_PROCESS or 
 INIT_PROCESS, then they will ignore the entrys.



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.