2 * Copyright (c) 2000 Andre Lucas. All rights reserved.
3 * Portions copyright (c) 1998 Todd C. Miller
4 * Portions copyright (c) 1996 Jason Downs
5 * Portions copyright (c) 1996 Theo de Raadt
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 * 3. All advertising materials mentioning features or use of this software
16 * must display the following acknowledgement:
17 * This product includes software developed by Markus Friedl.
18 * 4. The name of the author may not be used to endorse or promote products
19 * derived from this software without specific prior written permission.
21 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
22 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
23 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
24 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
25 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
26 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
27 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
28 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
29 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
30 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
34 ** loginrec.c: platform-independent login recording and lastlog retrieval
38 The new login code explained
39 ============================
41 This code attempts to provide a common interface to login recording
42 (utmp and friends) and last login time retrieval.
44 Its primary means of achieving this is to use 'struct logininfo', a
45 union of all the useful fields in the various different types of
46 system login record structures one finds on UNIX variants.
48 We depend on autoconf to define which recording methods are to be
49 used, and which fields are contained in the relevant data structures
50 on the local system. Many C preprocessor symbols affect which code
53 The code is designed to make it easy to modify a particular
54 recording method, without affecting other methods nor requiring so
55 many nested conditional compilation blocks as were commonplace in
58 For login recording, we try to use the local system's libraries as
59 these are clearly most likely to work correctly. For utmp systems
60 this usually means login() and logout() or setutent() etc., probably
61 in libutil, along with logwtmp() etc. On these systems, we fall back
62 to writing the files directly if we have to, though this method
63 requires very thorough testing so we do not corrupt local auditing
64 information. These files and their access methods are very system
67 For utmpx systems, the corresponding library functions are
68 setutxent() etc. To the author's knowledge, all utmpx systems have
69 these library functions and so no direct write is attempted. If such
70 a system exists and needs support, direct analogues of the [uw]tmp
73 Retrieving the time of last login ('lastlog') is in some ways even
74 more problemmatic than login recording. Some systems provide a
75 simple table of all users which we seek based on uid and retrieve a
76 relatively standard structure. Others record the same information in
77 a directory with a separate file, and others don't record the
78 information separately at all. For systems in the latter category,
79 we look backwards in the wtmp or wtmpx file for the last login entry
80 for our user. Naturally this is slower and on busy systems could
81 incur a significant performance penalty.
86 In OpenSSH all login recording and retrieval is performed in
87 login.c. Here you'll find working examples. Also, in the logintest.c
88 program there are more examples.
90 Internal handler calling method
91 -------------------------------
93 When a call is made to login_login() or login_logout(), both
94 routines set a struct logininfo flag defining which action (log in,
95 or log out) is to be taken. They both then call login_write(), which
96 calls whichever of the many structure-specific handlers autoconf
97 selects for the local system.
99 The handlers themselves handle system data structure specifics. Both
100 struct utmp and struct utmpx have utility functions (see
101 construct_utmp*()) to try to make it simpler to add extra systems
102 that introduce new features to either structure.
104 While it may seem terribly wasteful to replicate so much similar
105 code for each method, experience has shown that maintaining code to
106 write both struct utmp and utmpx in one function, whilst maintaining
107 support for all systems whether they have library support or not, is
108 a difficult and time-consuming task.
110 Lastlog support proceeds similarly. Functions login_get_lastlog()
111 (and its OpenSSH-tuned friend login_get_lastlog_time()) call
112 getlast_entry(), which tries one of three methods to find the last
113 login time. It uses local system lastlog support if it can,
114 otherwise it tries wtmp or wtmpx before giving up and returning 0,
120 In many cases it's possible to tweak autoconf to select the correct
121 methods for a particular platform, either by improving the detection
122 code (best), or by presetting DISABLE_<method> or CONF_<method>_FILE
123 symbols for the platform.
125 Use logintest to check which symbols are defined before modifying
126 configure.in and loginrec.c. (You have to build logintest yourself
127 with 'make logintest' as it's not built by default.)
129 Otherwise, patches to the specific method(s) are very helpful!
135 ** homegrown ttyslot()q
142 ** Linux (Redhat 6.2, need more variants)
143 ** HP-UX 10.20 (gcc only)
146 ** Testing required: Please send reports!
152 ** Platforms with known problems:
157 #include "includes.h"
166 # include <lastlog.h>
171 #include "loginrec.h"
176 ** prototypes for helper functions in this file
180 void set_utmp_time(struct logininfo *li, struct utmp *ut);
181 void construct_utmp(struct logininfo *li, struct utmp *ut);
185 void set_utmpx_time(struct logininfo *li, struct utmpx *ut);
186 void construct_utmpx(struct logininfo *li, struct utmpx *ut);
189 int utmp_write_entry(struct logininfo *li);
190 int utmpx_write_entry(struct logininfo *li);
191 int wtmp_write_entry(struct logininfo *li);
192 int wtmpx_write_entry(struct logininfo *li);
193 int lastlog_write_entry(struct logininfo *li);
194 int syslogin_write_entry(struct logininfo *li);
196 int getlast_entry(struct logininfo *li);
197 int lastlog_get_entry(struct logininfo *li);
198 int wtmp_get_entry(struct logininfo *li);
199 int wtmpx_get_entry(struct logininfo *li);
201 /* pick the shortest string */
202 #define MIN_SIZEOF(s1,s2) ( sizeof(s1) < sizeof(s2) ? sizeof(s1) : sizeof(s2) )
205 ** platform-independent login functions
208 /* login_login(struct logininfo *) -Record a login
210 * Call with a pointer to a struct logininfo initialised with
211 * login_init_entry() or login_alloc_entry()
215 * 0 on failure (will use OpenSSH's logging facilities for diagnostics)
218 login_login (struct logininfo *li)
220 li->type = LTYPE_LOGIN;
221 return login_write(li);
225 /* login_logout(struct logininfo *) - Record a logout
227 * Call as with login_login()
231 * 0 on failure (will use OpenSSH's logging facilities for diagnostics)
234 login_logout(struct logininfo *li)
236 li->type = LTYPE_LOGOUT;
237 return login_write(li);
240 /* login_get_lastlog_time(int) - Retrieve the last login time
242 * Retrieve the last login time for the given uid. Will try to use the
243 * system lastlog facilities if they are available, but will fall back
244 * to looking in wtmp/wtmpx if necessary
247 * 0 on failure, or if user has never logged in
248 * Time in seconds from the epoch if successful
250 * Useful preprocessor symbols:
251 * DISABLE_LASTLOG: If set, *never* even try to retrieve lastlog
253 * USE_LASTLOG: If set, indicates the presence of system lastlog
254 * facilities. If this and DISABLE_LASTLOG are not set,
255 * try to retrieve lastlog information from wtmp/wtmpx.
258 login_get_lastlog_time(const int uid)
262 if (login_get_lastlog(&li, uid))
268 /* login_get_lastlog(struct logininfo *, int) - Retrieve a lastlog entry
270 * Retrieve a logininfo structure populated (only partially) with
271 * information from the system lastlog data, or from wtmp/wtmpx if no
272 * system lastlog information exists.
274 * Note this routine must be given a pre-allocated logininfo.
277 * >0: A pointer to your struct logininfo if successful
278 * 0 on failure (will use OpenSSH's logging facilities for diagnostics)
282 login_get_lastlog(struct logininfo *li, const int uid)
286 memset(li, '\0', sizeof(struct logininfo));
290 * If we don't have a 'real' lastlog, we need the username to
291 * reliably search wtmp(x) for the last login (see
296 fatal("login_get_lastlog: Cannot find account for uid %i", uid);
298 /* No MIN_SIZEOF here - we absolutely *must not* truncate the
300 strlcpy(li->username, pw->pw_name, sizeof(li->username));
302 if (getlast_entry(li))
309 /* login_alloc_entry(int, char*, char*, char*) - Allocate and initialise
310 * a logininfo structure
312 * This function creates a new struct logininfo, a data structure
313 * meant to carry the information required to portably record login info.
315 * Returns a pointer to a newly created struct logininfo. If memory
316 * allocation fails, the program halts.
319 logininfo *login_alloc_entry(int pid, const char *username,
320 const char *hostname, const char *line)
322 struct logininfo *newli;
324 newli = (struct logininfo *) xmalloc (sizeof(struct logininfo));
325 (void)login_init_entry(newli, pid, username, hostname, line);
330 /* login_free_entry(struct logininfo *) - free struct memory */
332 login_free_entry(struct logininfo *li)
338 /* login_init_entry(struct logininfo *, int, char*, char*, char*)
339 * - initialise a struct logininfo
341 * Populates a new struct logininfo, a data structure meant to carry
342 * the information required to portably record login info.
347 login_init_entry(struct logininfo *li, int pid, const char *username,
348 const char *hostname, const char *line)
352 memset(li, 0, sizeof(struct logininfo));
356 /* set the line information */
358 line_fullname(li->line, line, sizeof(li->line));
361 strlcpy(li->username, username, sizeof(li->username));
362 pw = getpwnam(li->username);
364 fatal("login_init_entry: Cannot find user \"%s\"", li->username);
365 li->uid = pw->pw_uid;
369 strlcpy(li->hostname, hostname, sizeof(li->hostname));
374 /* login_set_current_time(struct logininfo *) - set the current time
376 * Set the current time in a logininfo structure. This function is
377 * meant to eliminate the need to deal with system dependencies for
381 login_set_current_time(struct logininfo *li)
385 gettimeofday(&tv, NULL);
387 li->tv_sec = tv.tv_sec;
388 li->tv_usec = tv.tv_usec;
391 /* copy a sockaddr_* into our logininfo */
393 login_set_addr(struct logininfo *li, const struct sockaddr *sa,
394 const unsigned int sa_size)
396 unsigned int bufsize = sa_size;
398 /* make sure we don't overrun our union */
399 if (sizeof(li->hostaddr) < sa_size)
400 bufsize = sizeof(li->hostaddr);
402 memcpy((void *)&(li->hostaddr.sa), (const void *)sa, bufsize);
407 ** login_write: Call low-level recording functions based on autoconf
411 login_write (struct logininfo *li)
413 if ((int)geteuid() != 0) {
414 log("Attempt to write login records by non-root user (aborting)");
418 /* set the timestamp */
419 login_set_current_time(li);
421 syslogin_write_entry(li);
424 if (li->type == LTYPE_LOGIN) {
425 lastlog_write_entry(li);
429 utmp_write_entry(li);
432 wtmp_write_entry(li);
435 utmpx_write_entry(li);
438 wtmpx_write_entry(li);
444 ** getlast_entry: Call low-level functions to retrieve the last login
448 /* take the uid in li and return the last login time */
450 getlast_entry(struct logininfo *li)
453 return(lastlog_get_entry(li));
454 #else /* !USE_LASTLOG */
456 #ifdef DISABLE_LASTLOG
457 /* On some systems we shouldn't even try to obtain last login
460 # else /* DISABLE_LASTLOG */
461 /* Try to retrieve the last login time from wtmp */
462 # if defined(USE_WTMP) && (defined(HAVE_TIME_IN_UTMP) || defined(HAVE_TV_IN_UTMP))
463 /* retrieve last login time from utmp */
464 return (wtmp_get_entry(li));
465 # else /* defined(USE_WTMP) && (defined(HAVE_TIME_IN_UTMP) || defined(HAVE_TV_IN_UTMP)) */
466 /* If wtmp isn't available, try wtmpx */
467 # if defined(USE_WTMPX) && (defined(HAVE_TIME_IN_UTMPX) || defined(HAVE_TV_IN_UTMPX))
468 /* retrieve last login time from utmpx */
469 return (wtmpx_get_entry(li));
471 /* Give up: No means of retrieving last login time */
473 # endif /* USE_WTMPX && (HAVE_TIME_IN_UTMPX || HAVE_TV_IN_UTMPX) */
474 # endif /* USE_WTMP && (HAVE_TIME_IN_UTMP || HAVE_TV_IN_UTMP) */
475 # endif /* DISABLE_LASTLOG */
476 #endif /* USE_LASTLOG */
482 * 'line' string utility functions
484 * These functions process the 'line' string into one of three forms:
486 * 1. The full filename (including '/dev')
487 * 2. The stripped name (excluding '/dev')
488 * 3. The abbreviated name (e.g. /dev/ttyp00 -> yp00
489 * /dev/pts/1 -> ts/1 )
491 * Form 3 is used on some systems to identify a .tmp.? entry when
492 * attempting to remove it. Typically both addition and removal is
493 * performed by one application - say, sshd - so as long as the choice
494 * uniquely identifies a terminal it's ok.
498 /* line_fullname(): add the leading '/dev/' if it doesn't exist make
499 * sure dst has enough space, if not just copy src (ugh) */
501 line_fullname(char *dst, const char *src, int dstsize)
503 memset(dst, '\0', dstsize);
504 if ((strncmp(src, "/dev/", 5) == 0) || (dstsize < (strlen(src) + 5)))
505 strlcpy(dst, src, dstsize);
507 strlcpy(dst, "/dev/", dstsize);
508 strlcat(dst, src, dstsize);
513 /* line_stripname(): strip the leading '/dev' if it exists, return dst */
515 line_stripname(char *dst, const char *src, int dstsize)
517 memset(dst, '\0', dstsize);
518 if (strncmp(src, "/dev/", 5) == 0)
519 strlcpy(dst, &src[5], dstsize);
521 strlcpy(dst, src, dstsize);
525 /* line_abbrevname(): Return the abbreviated (usually four-character)
526 * form of the line (Just use the last <dstsize> characters of the
529 * NOTE: use strncpy because we do NOT necessarily want zero
532 line_abbrevname(char *dst, const char *src, int dstsize)
536 memset(dst, '\0', dstsize);
538 /* Always skip prefix if present */
539 if (strncmp(src, "/dev/", 5) == 0)
545 if (((int)len - dstsize) > 0)
546 src += ((int)len - dstsize);
548 /* note: _don't_ change this to strlcpy */
549 strncpy(dst, src, (size_t)dstsize);
556 ** utmp utility functions
558 ** These functions manipulate struct utmp, taking system differences
562 #if defined(USE_UTMP) || defined (USE_WTMP) || defined (USE_LOGIN)
564 /* build the utmp structure */
566 set_utmp_time(struct logininfo *li, struct utmp *ut)
568 # ifdef HAVE_TV_IN_UTMP
569 ut->ut_tv.tv_sec = li->tv_sec;
570 ut->ut_tv.tv_usec = li->tv_usec;
572 # ifdef HAVE_TIME_IN_UTMP
573 ut->ut_time = li->tv_sec;
579 construct_utmp(struct logininfo *li,
582 memset(ut, '\0', sizeof(struct utmp));
584 /* First fill out fields used for both logins and logouts */
586 # ifdef HAVE_ID_IN_UTMP
587 line_abbrevname(ut->ut_id, li->line, sizeof(ut->ut_id));
590 # ifdef HAVE_TYPE_IN_UTMP
591 /* This is done here to keep utmp constants out of struct logininfo */
594 ut->ut_type = USER_PROCESS;
597 ut->ut_type = DEAD_PROCESS;
601 set_utmp_time(li, ut);
603 line_stripname(ut->ut_line, li->line, sizeof(ut->ut_line));
605 # ifdef HAVE_PID_IN_UTMP
606 ut->ut_pid = li->pid;
609 /* If we're logging out, leave all other fields blank */
610 if (li->type == LTYPE_LOGOUT)
614 * These fields are only used when logging in, and are blank
618 /* Use strncpy because we don't necessarily want null termination */
619 strncpy(ut->ut_user, li->username, MIN_SIZEOF(ut->ut_user, li->username));
620 # ifdef HAVE_HOST_IN_UTMP
621 strncpy(ut->ut_host, li->hostname, MIN_SIZEOF(ut->ut_host, li->hostname));
623 # ifdef HAVE_ADDR_IN_UTMP
624 /* this is just a 32-bit IP address */
625 if (li->hostaddr.sa.sa_family == AF_INET)
626 ut->ut_addr = li->hostaddr.sa_in.sin_addr.s_addr;
629 #endif /* USE_UTMP || USE_WTMP || USE_LOGIN */
632 ** utmpx utility functions
634 ** These functions manipulate struct utmpx, accounting for system
638 #if defined(USE_UTMPX) || defined (USE_WTMPX)
639 /* build the utmpx structure */
641 set_utmpx_time(struct logininfo *li, struct utmpx *utx)
643 # ifdef HAVE_TV_IN_UTMPX
644 utx->ut_tv.tv_sec = li->tv_sec;
645 utx->ut_tv.tv_usec = li->tv_usec;
646 # else /* HAVE_TV_IN_UTMPX */
647 # ifdef HAVE_TIME_IN_UTMPX
648 utx->ut_time = li->tv_sec;
649 # endif /* HAVE_TIME_IN_UTMPX */
650 # endif /* HAVE_TV_IN_UTMPX */
654 construct_utmpx(struct logininfo *li, struct utmpx *utx)
656 memset(utx, '\0', sizeof(struct utmpx));
657 # ifdef HAVE_ID_IN_UTMPX
658 line_abbrevname(utx->ut_id, li->line, sizeof(utx->ut_id));
661 /* this is done here to keep utmp constants out of loginrec.h */
664 utx->ut_type = USER_PROCESS;
667 utx->ut_type = DEAD_PROCESS;
670 line_stripname(utx->ut_line, li->line, sizeof(utx->ut_line));
671 set_utmpx_time(li, utx);
672 utx->ut_pid = li->pid;
674 if (li->type == LTYPE_LOGOUT)
678 * These fields are only used when logging in, and are blank
682 /* strncpy(): Don't necessarily want null termination */
683 strncpy(utx->ut_name, li->username, MIN_SIZEOF(utx->ut_name, li->username));
684 # ifdef HAVE_HOST_IN_UTMPX
685 strncpy(utx->ut_host, li->hostname, MIN_SIZEOF(utx->ut_host, li->hostname));
687 # ifdef HAVE_ADDR_IN_UTMPX
688 /* FIXME: (ATL) not supported yet */
690 # ifdef HAVE_SYSLEN_IN_UTMPX
691 /* ut_syslen is the length of the utx_host string */
692 utx->ut_syslen = MIN(strlen(li->hostname), sizeof(utx->ut_host));
695 #endif /* USE_UTMPX || USE_WTMPX */
698 ** Low-level utmp functions
701 /* FIXME: (ATL) utmp_write_direct needs testing */
704 /* if we can, use pututline() etc. */
705 # if !defined(DISABLE_PUTUTLINE) && defined(HAVE_SETUTENT) && \
706 defined(HAVE_PUTUTLINE)
707 # define UTMP_USE_LIBRARY
711 /* write a utmp entry with the system's help (pututline() and pals) */
712 # ifdef UTMP_USE_LIBRARY
714 utmp_write_library(struct logininfo *li, struct utmp *ut)
719 # ifdef HAVE_ENDUTENT
724 # else /* UTMP_USE_LIBRARY */
726 /* write a utmp entry direct to the file */
727 /* This is a slightly modification of code in OpenBSD's login.c */
729 utmp_write_direct(struct logininfo *li, struct utmp *ut)
735 /* FIXME: (ATL) ttyslot() needs local implementation */
736 tty = ttyslot(); /* seems only to work for /dev/ttyp? style names */
738 if (tty > 0 && (fd = open(UTMP_FILE, O_RDWR|O_CREAT, 0644)) >= 0) {
739 (void)lseek(fd, (off_t)(tty * sizeof(struct utmp)), SEEK_SET);
741 * Prevent luser from zero'ing out ut_host.
742 * If the new ut_line is empty but the old one is not
743 * and ut_line and ut_name match, preserve the old ut_line.
745 if (atomicio(read, fd, &old_ut, sizeof(old_ut)) == sizeof(old_ut) &&
746 (ut->ut_host[0] == '\0') && (old_ut.ut_host[0] != '\0') &&
747 (strncmp(old_ut.ut_line, ut->ut_line, sizeof(ut->ut_line)) == 0) &&
748 (strncmp(old_ut.ut_name, ut->ut_name, sizeof(ut->ut_name)) == 0)) {
749 (void)memcpy(ut->ut_host, old_ut.ut_host, sizeof(ut->ut_host));
752 (void)lseek(fd, (off_t)(tty * sizeof(struct utmp)), SEEK_SET);
753 if (atomicio(write, fd, ut, sizeof(ut)) != sizeof(ut))
754 log("utmp_write_direct: error writing %s: %s",
755 UTMP_FILE, strerror(errno));
763 # endif /* UTMP_USE_LIBRARY */
766 utmp_perform_login(struct logininfo *li)
770 construct_utmp(li, &ut);
771 # ifdef UTMP_USE_LIBRARY
772 if (!utmp_write_library(li, &ut)) {
773 log("utmp_perform_login: utmp_write_library() failed");
777 if (!utmp_write_direct(li, &ut)) {
778 log("utmp_perform_login: utmp_write_direct() failed");
787 utmp_perform_logout(struct logininfo *li)
791 construct_utmp(li, &ut);
792 # ifdef UTMP_USE_LIBRARY
793 if (!utmp_write_library(li, &ut)) {
794 log("utmp_perform_logout: utmp_write_library() failed");
798 if (!utmp_write_direct(li, &ut)) {
799 log("utmp_perform_logout: utmp_write_direct() failed");
808 utmp_write_entry(struct logininfo *li)
812 return utmp_perform_login(li);
815 return utmp_perform_logout(li);
818 log("utmp_write_entry: invalid type field");
822 #endif /* USE_UTMP */
826 ** Low-level utmpx functions
829 /* not much point if we don't want utmpx entries */
832 /* if we have the wherewithall, use pututxline etc. */
833 # if !defined(DISABLE_PUTUTXLINE) && defined(HAVE_SETUTXENT) && \
834 defined(HAVE_PUTUTXLINE)
835 # define UTMPX_USE_LIBRARY
839 /* write a utmpx entry with the system's help (pututxline() and pals) */
840 # ifdef UTMPX_USE_LIBRARY
842 utmpx_write_library(struct logininfo *li, struct utmpx *utx)
847 # ifdef HAVE_ENDUTXENT
853 # else /* UTMPX_USE_LIBRARY */
855 /* write a utmp entry direct to the file */
857 utmpx_write_direct(struct logininfo *li, struct utmpx *utx)
859 log("utmpx_write_direct: not implemented!");
862 # endif /* UTMPX_USE_LIBRARY */
865 utmpx_perform_login(struct logininfo *li)
869 construct_utmpx(li, &utx);
870 # ifdef UTMPX_USE_LIBRARY
871 if (!utmpx_write_library(li, &utx)) {
872 log("utmpx_perform_login: utmp_write_library() failed");
876 if (!utmpx_write_direct(li, &ut)) {
877 log("utmpx_perform_login: utmp_write_direct() failed");
886 utmpx_perform_logout(struct logininfo *li)
890 memset(&utx, '\0', sizeof(utx));
891 set_utmpx_time(li, &utx);
892 line_stripname(utx.ut_line, li->line, sizeof(utx.ut_line));
893 # ifdef HAVE_ID_IN_UTMPX
894 line_abbrevname(utx.ut_id, li->line, sizeof(utx.ut_id));
896 # ifdef HAVE_TYPE_IN_UTMPX
897 utx.ut_type = DEAD_PROCESS;
900 # ifdef UTMPX_USE_LIBRARY
901 utmpx_write_library(li, &utx);
903 utmpx_write_direct(li, &utx);
909 utmpx_write_entry(struct logininfo *li)
913 return utmpx_perform_login(li);
915 return utmpx_perform_logout(li);
917 log("utmpx_write_entry: invalid type field");
921 #endif /* USE_UTMPX */
925 ** Low-level wtmp functions
930 /* write a wtmp entry direct to the end of the file */
931 /* This is a slight modification of code in OpenBSD's logwtmp.c */
933 wtmp_write(struct logininfo *li, struct utmp *ut)
938 if ((fd = open(WTMP_FILE, O_WRONLY|O_APPEND, 0)) < 0) {
939 log("wtmp_write: problem writing %s: %s",
940 WTMP_FILE, strerror(errno));
943 if (fstat(fd, &buf) == 0)
944 if (atomicio(write, fd, ut, sizeof(*ut)) != sizeof(*ut)) {
945 ftruncate(fd, buf.st_size);
946 log("wtmp_write: problem writing %s: %s",
947 WTMP_FILE, strerror(errno));
955 wtmp_perform_login(struct logininfo *li)
959 construct_utmp(li, &ut);
960 return wtmp_write(li, &ut);
965 wtmp_perform_logout(struct logininfo *li)
969 construct_utmp(li, &ut);
970 return wtmp_write(li, &ut);
975 wtmp_write_entry(struct logininfo *li)
979 return wtmp_perform_login(li);
981 return wtmp_perform_logout(li);
983 log("wtmp_write_entry: invalid type field");
989 /* Notes on fetching login data from wtmp/wtmpx
991 * Logouts are usually recorded with (amongst other things) a blank
992 * username on a given tty line. However, some systems (HP-UX is one)
993 * leave all fields set, but change the ut_type field to DEAD_PROCESS.
995 * Since we're only looking for logins here, we know that the username
996 * must be set correctly. On systems that leave it in, we check for
997 * ut_type==USER_PROCESS (indicating a login.)
999 * Portability: Some systems may set something other than USER_PROCESS
1000 * to indicate a login process. I don't know of any as I write. Also,
1001 * it's possible that some systems may both leave the username in
1002 * place and not have ut_type.
1005 /* return true if this wtmp entry indicates a login */
1007 wtmp_islogin(struct logininfo *li, struct utmp *ut)
1009 if (strncmp(li->username, ut->ut_user,
1010 MIN_SIZEOF(li->username, ut->ut_user)) == 0) {
1011 # ifdef HAVE_TYPE_IN_UTMP
1012 if (ut->ut_type & USER_PROCESS)
1022 wtmp_get_entry(struct logininfo *li)
1028 /* Clear the time entries in our logininfo */
1029 li->tv_sec = li->tv_usec = 0;
1031 if ((fd = open(WTMP_FILE, O_RDONLY)) < 0) {
1032 log("wtmp_get_entry: problem opening %s: %s",
1033 WTMP_FILE, strerror(errno));
1036 if (fstat(fd, &st) != 0) {
1037 log("wtmp_get_entry: couldn't stat %s: %s",
1038 WTMP_FILE, strerror(errno));
1043 /* Seek to the start of the last struct utmp */
1044 if (lseek(fd, (off_t)(0-sizeof(struct utmp)), SEEK_END) == -1) {
1045 /* Looks like we've got a fresh wtmp file */
1051 if (atomicio(read, fd, &ut, sizeof(ut)) != sizeof(ut)) {
1052 log("wtmp_get_entry: read of %s failed: %s",
1053 WTMP_FILE, strerror(errno));
1057 if ( wtmp_islogin(li, &ut) ) {
1059 /* We've already checked for a time in struct
1060 * utmp, in login_getlast(). */
1061 # ifdef HAVE_TIME_IN_UTMP
1062 li->tv_sec = ut.ut_time;
1064 # if HAVE_TV_IN_UTMP
1065 li->tv_sec = ut.ut_tv.tv_sec;
1068 line_fullname(li->line, ut.ut_line,
1069 MIN_SIZEOF(li->line, ut.ut_line));
1070 # ifdef HAVE_HOST_IN_UTMP
1071 strlcpy(li->hostname, ut.ut_host,
1072 MIN_SIZEOF(li->hostname, ut.ut_host));
1076 /* Seek back 2 x struct utmp */
1077 if (lseek(fd, (off_t)(0-2*sizeof(struct utmp)), SEEK_CUR) == -1) {
1078 /* We've found the start of the file, so quit */
1084 /* We found an entry. Tidy up and return */
1088 # endif /* USE_WTMP */
1092 ** Low-level wtmpx functions
1096 /* write a wtmpx entry direct to the end of the file */
1097 /* This is a slight modification of code in OpenBSD's logwtmp.c */
1099 wtmpx_write(struct logininfo *li, struct utmpx *utx)
1104 if ((fd = open(WTMPX_FILE, O_WRONLY|O_APPEND, 0)) < 0) {
1105 log("wtmpx_write: problem opening %s: %s",
1106 WTMPX_FILE, strerror(errno));
1110 if (fstat(fd, &buf) == 0)
1111 if (atomicio(write, fd, utx, sizeof(*utx)) != sizeof(*utx)) {
1112 ftruncate(fd, buf.st_size);
1113 log("wtmpx_write: problem writing %s: %s",
1114 WTMPX_FILE, strerror(errno));
1124 wtmpx_perform_login(struct logininfo *li)
1128 construct_utmpx(li, &utx);
1129 return wtmpx_write(li, &utx);
1134 wtmpx_perform_logout(struct logininfo *li)
1138 construct_utmpx(li, &utx);
1139 return wtmpx_write(li, &utx);
1144 wtmpx_write_entry(struct logininfo *li)
1148 return wtmpx_perform_login(li);
1150 return wtmpx_perform_logout(li);
1152 log("wtmpx_write_entry: invalid type field");
1157 /* Please see the notes above wtmp_islogin() for information about the
1158 next two functions */
1160 /* Return true if this wtmpx entry indicates a login */
1162 wtmpx_islogin(struct logininfo *li, struct utmpx *utx)
1164 if ( strncmp(li->username, utx->ut_user,
1165 MIN_SIZEOF(li->username, utx->ut_user)) == 0 ) {
1166 # ifdef HAVE_TYPE_IN_UTMPX
1167 if (utx->ut_type == USER_PROCESS)
1178 wtmpx_get_entry(struct logininfo *li)
1184 /* Clear the time entries */
1185 li->tv_sec = li->tv_usec = 0;
1187 if ((fd = open(WTMPX_FILE, O_RDONLY)) < 0) {
1188 log("wtmpx_get_entry: problem opening %s: %s",
1189 WTMPX_FILE, strerror(errno));
1192 if (fstat(fd, &st) != 0) {
1193 log("wtmpx_get_entry: couldn't stat %s: %s",
1194 WTMP_FILE, strerror(errno));
1199 /* Seek to the start of the last struct utmpx */
1200 if (lseek(fd, (off_t)(0-sizeof(struct utmpx)), SEEK_END) == -1 ) {
1201 /* probably a newly rotated wtmpx file */
1207 if (atomicio(read, fd, &utx, sizeof(utx)) != sizeof(utx)) {
1208 log("wtmpx_get_entry: read of %s failed: %s",
1209 WTMPX_FILE, strerror(errno));
1213 /* Logouts are recorded as a blank username on a particular line.
1214 * So, we just need to find the username in struct utmpx */
1215 if ( wtmpx_islogin(li, &utx) ) {
1216 # ifdef HAVE_TV_IN_UTMPX
1217 li->tv_sec = utx.ut_tv.tv_sec;
1219 # ifdef HAVE_TIME_IN_UTMPX
1220 li->tv_sec = utx.ut_time;
1223 line_fullname(li->line, utx.ut_line, sizeof(li->line));
1224 # ifdef HAVE_HOST_IN_UTMPX
1225 strlcpy(li->hostname, utx.ut_host,
1226 MIN_SIZEOF(li->hostname, utx.ut_host));
1230 if (lseek(fd, (off_t)(0-2*sizeof(struct utmpx)), SEEK_CUR) == -1) {
1239 #endif /* USE_WTMPX */
1242 ** Low-level libutil login() functions
1247 syslogin_perform_login(struct logininfo *li)
1251 if (! (ut = (struct utmp *)malloc(sizeof(struct utmp)))) {
1252 log("syslogin_perform_login: couldn't malloc()");
1255 construct_utmp(li, ut);
1262 syslogin_perform_logout(struct logininfo *li)
1267 (void)line_stripname(line, li->line, sizeof(line));
1269 if (!logout(line)) {
1270 log("syslogin_perform_logout: logout() returned an error");
1271 # ifdef HAVE_LOGWTMP
1273 logwtmp(line, "", "");
1276 /* FIXME: (ATL - if the need arises) What to do if we have
1277 * login, but no logout? what if logout but no logwtmp? All
1278 * routines are in libutil so they should all be there,
1285 syslogin_write_entry(struct logininfo *li)
1289 return syslogin_perform_login(li);
1291 return syslogin_perform_logout(li);
1293 log("syslogin_write_entry: Invalid type field");
1297 #endif /* USE_LOGIN */
1299 /* end of file log-syslogin.c */
1302 ** Low-level lastlog functions
1311 lastlog_construct(struct logininfo *li, struct lastlog *last)
1313 /* clear the structure */
1314 memset(last, '\0', sizeof(struct lastlog));
1316 (void)line_stripname(last->ll_line, li->line, sizeof(last->ll_line));
1317 strlcpy(last->ll_host, li->hostname,
1318 MIN_SIZEOF(last->ll_host, li->hostname));
1319 last->ll_time = li->tv_sec;
1323 lastlog_filetype(char *filename)
1327 if (stat(LASTLOG_FILE, &st) != 0) {
1328 log("lastlog_perform_login: Couldn't stat %s: %s", LASTLOG_FILE,
1332 if (S_ISDIR(st.st_mode))
1334 else if (S_ISREG(st.st_mode))
1341 /* open the file (using filemode) and seek to the login entry */
1343 lastlog_openseek(struct logininfo *li, int *fd, int filemode)
1347 char lastlog_file[1024];
1349 type = lastlog_filetype(LASTLOG_FILE);
1352 strlcpy(lastlog_file, LASTLOG_FILE, sizeof(lastlog_file));
1355 snprintf(lastlog_file, sizeof(lastlog_file), "%s/%s",
1356 LASTLOG_FILE, li->username);
1359 log("lastlog_openseek: %.100s is not a file or directory!",
1364 *fd = open(lastlog_file, filemode);
1366 debug("lastlog_openseek: Couldn't open %s: %s",
1367 lastlog_file, strerror(errno));
1371 /* find this uid's offset in the lastlog file */
1372 offset = (off_t) ( (long)li->uid * sizeof(struct lastlog));
1374 if ( lseek(*fd, offset, SEEK_SET) != offset ) {
1375 log("lastlog_openseek: %s->lseek(): %s",
1376 lastlog_file, strerror(errno));
1383 lastlog_perform_login(struct logininfo *li)
1385 struct lastlog last;
1388 /* create our struct lastlog */
1389 lastlog_construct(li, &last);
1391 /* write the entry */
1392 if (lastlog_openseek(li, &fd, O_RDWR|O_CREAT)) {
1393 if (atomicio(write, fd, &last, sizeof(last)) != sizeof(last)) {
1394 log("lastlog_write_filemode: Error writing to %s: %s",
1395 LASTLOG_FILE, strerror(errno));
1405 lastlog_write_entry(struct logininfo *li)
1409 return lastlog_perform_login(li);
1411 log("lastlog_write_entry: Invalid type field");
1417 lastlog_populate_entry(struct logininfo *li, struct lastlog *last)
1419 line_fullname(li->line, last->ll_line, sizeof(li->line));
1420 strlcpy(li->hostname, last->ll_host,
1421 MIN_SIZEOF(li->hostname, last->ll_host));
1422 li->tv_sec = last->ll_time;
1426 lastlog_get_entry(struct logininfo *li)
1428 struct lastlog last;
1431 if (lastlog_openseek(li, &fd, O_RDONLY)) {
1432 if (atomicio(read, fd, &last, sizeof(last)) != sizeof(last)) {
1433 log("lastlog_get_entry: Error reading from %s: %s",
1434 LASTLOG_FILE, strerror(errno));
1437 lastlog_populate_entry(li, &last);
1444 #endif /* USE_LASTLOG */