Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 20 Jan 2004 16:12:09 -0800 (PST)
From:      "Joe R. Doupnik" <jrd@cc.usu.edu>
To:        freebsd-gnats-submit@FreeBSD.org
Subject:   bin/61657: Fix pam_lastlog.so
Message-ID:  <200401210012.i0L0C987061084@www.freebsd.org>
Resent-Message-ID: <200401210020.i0L0KHpi090351@freefall.freebsd.org>

next in thread | raw e-mail | index | archive | help

>Number:         61657
>Category:       bin
>Synopsis:       Fix pam_lastlog.so
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Tue Jan 20 16:20:17 PST 2004
>Closed-Date:
>Last-Modified:
>Originator:     Joe R. Doupnik
>Release:        5.2-RELEASE
>Organization:
Utah State Uniiversity
>Environment:
netlab1# uname -a
FreeBSD netlab1.usu.edu 5.2-RELEASE FreeBSD 5.2-RELEASE #1: Sat Jan 17 10:36:44 MST 2004     root@netlab1.usu.edu:/usr/src/sys/i386/compile/JRD  i386
netlab1#   
>Description:
      PAM module pam_lastlog.so is quite useful, in principle, only if
it would work correctly. It does not presently. Below is the code
added to finish the module so that it does work fine. Luckily it is
short.

 By the way, I send changes of vsftpd (FTP daemon) to the original author so that it would work correctly with PAM and pam_lastlog.
But that's not the subject of this message.

>How-To-Repeat:
      
>Fix:
    File /usr/sys/lib/libpam/modules/pam_lastlog/pam_lastlog.c

/* This routine was empty and did nothing. Filled in to work correctly
   by Joe R. Doupnik, jrd@cc.usu.edu, Utah State Univ, Jan 2004 */

PAM_EXTERN int
pam_sm_close_session(pam_handle_t *pamh __unused, int flags __unused,
    int argc __unused, const char *argv[] __unused)
{
        const char *tty;

        /*
         * Record session in utmp(5) and wtmp(5).
         */

        /* note: does not need to be NUL-terminated */
        pam_get_item(pamh, PAM_TTY, (const void **)&tty);
        /* strip /dev prefix, if any */
        if (strncmp(tty, _PATH_DEV, strlen(_PATH_DEV)) == 0)
                tty += strlen(_PATH_DEV);
        if (logout(tty) != 1)   /* write logout signature to utmp */
                syslog(LOG_ERR,"PAM close, can't find record for tty=%s", tty);
        logwtmp(tty, "", "");   /* write logout signature in wtmp too */
        return (PAM_SUCCESS);
}

--------------
 I can email the entire yet short file if you wish for easy testing.
As shipped the file wrote login times but never logout times to utmp,
wtmp, lastlog. With my additions it does these matters correctly and
"last" looks proper.
  
>Release-Note:
>Audit-Trail:
>Unformatted:



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200401210012.i0L0C987061084>