search for: check_quietlogin

...elf. The task is very simple - just to put one line calling setup_limits(pw); and link with -lshadow. But the problem is, where to put this line. I did it in session.c, in do_child(), like this: #ifdef HAVE_OSF_SIA session_setup_sia(pw, s->ttyfd == -1 ? NULL : s->tty); if (!check_quietlogin(s, command)) do_motd(); #else /* HAVE_OSF_SIA */ /* When PAM is enabled we rely on it to do the nologin check */ if (!options.use_pam) { do_nologin(pw); setup_limits(pw); /* Setting up user limits */ } do_setusercontex...

...41 2001 @@ -128,9 +128,11 @@ void do_exec_no_pty(Session *s, const char *command); void do_login(Session *s, const char *command); void do_child(Session *s, const char *command); +void do_motd(void); void do_authenticated1(Authctxt *authctxt); void do_authenticated2(Authctxt *authctxt); +int check_quietlogin(Session *s, const char *command); /* import */ extern ServerOptions options; @@ -633,8 +635,10 @@ close(ttyfd); /* record login, etc. similar to login(1) */ +#ifndef HAVE_OSF_SIA if (!(options.use_login && command == NULL)) do_login(s, command); +#endif /* Do common...

...make: *** [session.o] Error 2 To work around this I had to add a true prototype: *** session.c.ORIG Sun Sep 16 18:17:15 2001 --- session.c Thu Nov 15 14:45:40 2001 *************** *** 132,137 **** --- 132,140 ---- void do_child(Session *, const char *); void do_motd(void); int check_quietlogin(Session *, const char *); + #ifdef LOGIN_NEEDS_UTMPX + static void do_pre_login(Session *); + #endif static void do_authenticated1(Authctxt *); static void do_authenticated2(Authctxt *); FWIW, -- Rick Troxel rick at helix.nih.gov 301/435-2983 ///////////////////////////////...

...somecommand", it obviously works as expected, but if I do "ssh somehost", I get the "Last login:" line. If I remove the code segment, ".hushlogin" works again. (No big deal. ;-) Although "if (command == NULL)" could be replaced by a call to "if (!check_quietlogin(s, command))" to fix the problem, the double access to ".hushlogin" wouldn't be good programming style. If it's needed more than once, the result of check_quietlogin() could be cached somewhere to avoid unnecessary access to the filesystem. However, besides this (my beloved...

I have tried this with openssh-2.5.2p2 and openssh-SNAP-20010501. I have noticed that with a .hushlogin file in my home directory I still get messages. With the .hushlogin file I get these messages: Last successful login for ricardo: Tue May 1 08:06:00 2001 from blah.mnsu.edu Last unsuccessful login for ricardo: Tue May 1 08:05:21 2001 from blah.mnsu.edu Without the .hushlogin file I get

...ion do_pre_login): ================================== %< =================================================== --- session.c-orig Tue Oct 23 11:13:06 2001 +++ session.c-patched Tue Oct 23 11:19:54 2001 @@ -132,6 +132,9 @@ void do_child(Session *, const char *); void do_motd(void); int check_quietlogin(Session *, const char *); +#ifdef LOGIN_NEEDS_UTMPX +static void do_pre_login(Session *s); +#endif static void do_authenticated1(Authctxt *); static void do_authenticated2(Authctxt *); ================================== %< =================================================== WBR, Alexander Ig...

...ENTICATE */ + /* Fork the child. */ if ((pid = fork()) == 0) { fatal_remove_all_cleanups(); @@ -757,6 +766,13 @@ } #endif +#ifdef WITH_AIXAUTHENTICATE + if (is_aix_password_change_required()) { + printf("%s\n", aixexpiremsg); + do_aix_change_password(pw); + } +#endif + if (check_quietlogin(s, command)) return; @@ -764,7 +780,10 @@ if (!is_pam_password_change_required()) print_pam_messages(); #endif /* USE_PAM */ + #ifdef WITH_AIXAUTHENTICATE + if (!is_aix_password_change_required() && aixexpiremsg && *aixexpiremsg) + printf("%s\n", aixexpiremsg)...

...and Kerberos on Mac OS X 10.6. This works nicely except when you login using SSH and authenticate using password. The problem is that sshd is trying to access the file system before it has a valid Kerberos ticket and therefore it fails to mount the home folder. After some debug, we find sshd calls check_quietlogin() which will stat $HOME/.hushlogin before calling do_pam_setcred(). Is there any workaround to bypass quietlogin checking? I cannot find any. Or please add an option for this purpose. Thanks a lot. -- Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receivi...

http://bugzilla.mindrot.org/show_bug.cgi?id=927 Summary: Last login displayed even when .hushlogin exists Product: Portable OpenSSH Version: -current Platform: Sparc OS/Version: Solaris Status: NEW Severity: trivial Priority: P2 Component: Miscellaneous AssignedTo: openssh-bugs at mindrot.org

..._mapping), (struct sockaddr *)&from, fromlen); -#ifdef USE_PAM - /* - * If password change is needed, do it now. - * This needs to occur before the ~/.hushlogin check. - */ - if (is_pam_password_change_required()) { - print_pam_messages(); - do_pam_chauthtok(); - } -#endif if (check_quietlogin(s, command)) return; @@ -1238,6 +1242,12 @@ * Reestablish them here. */ do_pam_setcred(0); + + /* + * We need to open the session here because PAM on HP-UX does not + * work after the call to permanently_set_uid. + */ + do_pam_session(pw->pw_name,NULL); # endif /* USE_PAM...

do_pre_login() in session.c is used (in do_exec_pty()) before it's declared, which is causing some problems for me. please move it up a couple hundred lines in the file. patch included for 0807 snapshot. thanks, wendy % diff -u session.c.orig session.c.mod --- session.c.orig Tue Aug 7 13:11:51 2001 +++ session.c.mod Tue Aug 7 16:21:07 2001 @@ -397,6 +397,34 @@ } }

...Tue Sep 3 22:03:16 2002 > @@ -1280,7 +1280,7 @@ > */ > if (!options.use_login) { > #ifdef HAVE_OSF_SIA > - session_setup_sia(pw->pw_name, s->ttyfd == -1 ? NULL : s->tty); > + session_setup_sia(pw, s->ttyfd == -1 ? NULL : s->tty); > if (!check_quietlogin(s, command)) > do_motd(); > #else /* HAVE_OSF_SIA */ > _______________________________________________ > openssh-unix-dev at mindrot.org mailing list > http://www.mindrot.org/mailman/listinfo/openssh-unix-dev > ---------------------------------------------------...

....c Sun Feb 23 20:04:02 2003 +++ openssh/session.c Wed Feb 26 19:43:34 2003 @@ -1320,7 +1320,7 @@ */ if (!options.use_login) { #ifdef HAVE_OSF_SIA - session_setup_sia(pw->pw_name, s->ttyfd == -1 ? NULL : s->tty); + session_setup_sia(pw, s->ttyfd == -1 ? NULL : s->tty); if (!check_quietlogin(s, command)) do_motd(); #else /* HAVE_OSF_SIA */

...-sia.h" #ifdef HAVE_CYGWIN #include <windows.h> @@ -1269,7 +1270,7 @@ */ if (!options.use_login) { #ifdef HAVE_OSF_SIA - session_setup_sia(pw->pw_name, s->ttyfd == -1 ? NULL : s->tty); + PRIVSEP(setup_sia(pw->pw_name, s->ttyfd == -1 ? NULL : s->tty)); if (!check_quietlogin(s, command)) do_motd(); #else /* HAVE_OSF_SIA */

...-sia.h" #ifdef HAVE_CYGWIN #include <windows.h> @@ -1269,7 +1270,7 @@ */ if (!options.use_login) { #ifdef HAVE_OSF_SIA - session_setup_sia(pw->pw_name, s->ttyfd == -1 ? NULL : s->tty); + PRIVSEP(setup_sia(pw->pw_name, s->ttyfd == -1 ? NULL : s->tty)); if (!check_quietlogin(s, command)) do_motd(); #else /* HAVE_OSF_SIA */

...-sia.h" #ifdef HAVE_CYGWIN #include <windows.h> @@ -1269,7 +1270,7 @@ */ if (!options.use_login) { #ifdef HAVE_OSF_SIA - session_setup_sia(pw->pw_name, s->ttyfd == -1 ? NULL : s->tty); + PRIVSEP(setup_sia(pw->pw_name, s->ttyfd == -1 ? NULL : s->tty)); if (!check_quietlogin(s, command)) do_motd(); #else /* HAVE_OSF_SIA */

...@@ void do_exec_pty(Session *s, const char *command); void do_exec_no_pty(Session *s, const char *command); void do_login(Session *s, const char *command); +#ifdef LOGIN_NEEDS_UTMPX +void do_pre_login(Session *s); +#endif void do_child(Session *s, const char *command); void do_motd(void); int check_quietlogin(Session *s, const char *command); @@ -644,6 +647,10 @@ #ifndef HAVE_OSF_SIA if (!(options.use_login && command == NULL)) do_login(s, command); +# ifdef LOGIN_NEEDS_UTMPX + else + do_pre_login(s); +# endif #endif /* Do common processing for the child, such as execing the com...

Hi, I noticed that Markus has fixed the temporary file cleanup problems in OpenSSH cvs. What files need patching for this ? I only noticed changes in: session.c, channels.h and channels.c. -Jarno -- Jarno Huuskonen <Jarno.Huuskonen at uku.fi>

...print_pam_messages(); do_pam_chauthtok(); } +#else + buffer_append(&expiremsg, "\0", 1); + if (password_change_required) { + printf("%s\n", (char *)buffer_ptr(&expiremsg)); + fflush(stdout); + password_changed = do_tty_change_password(pw); + } #endif if (check_quietlogin(s, command)) @@ -766,6 +779,9 @@ #ifdef USE_PAM if (options.use_pam && !is_pam_password_change_required()) print_pam_messages(); +#else + if (!password_changed) + printf("%s\n", (char *)buffer_ptr(&expiremsg)); #endif /* USE_PAM */ /* display post-login message */...

...print_pam_messages(); do_pam_chauthtok(); } +#else + buffer_append(&expiremsg, "\0", 1); + if (password_change_required) { + printf("%s\n", (char *)buffer_ptr(&expiremsg)); + fflush(stdout); + password_changed = do_tty_change_password(pw); + } #endif if (check_quietlogin(s, command)) @@ -766,6 +779,9 @@ #ifdef USE_PAM if (options.use_pam && !is_pam_password_change_required()) print_pam_messages(); +#else + if (!password_changed) + printf("%s\n", (char *)buffer_ptr(&expiremsg)); #endif /* USE_PAM */ /* display post-login message */...