pam_lastlog.c (196650) | pam_lastlog.c (200413) |
---|---|
1/*- 2 * Copyright (c) 1980, 1987, 1988, 1991, 1993, 1994 3 * The Regents of the University of California. All rights reserved. 4 * Copyright (c) 2001 Mark R V Murray 5 * All rights reserved. 6 * Copyright (c) 2001 Networks Associates Technology, Inc. 7 * All rights reserved. 8 * Copyright (c) 2004 Joe R. Doupnik --- 28 unchanged lines hidden (view full) --- 37 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 38 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 39 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 40 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 41 * SUCH DAMAGE. 42 */ 43 44#include <sys/cdefs.h> | 1/*- 2 * Copyright (c) 1980, 1987, 1988, 1991, 1993, 1994 3 * The Regents of the University of California. All rights reserved. 4 * Copyright (c) 2001 Mark R V Murray 5 * All rights reserved. 6 * Copyright (c) 2001 Networks Associates Technology, Inc. 7 * All rights reserved. 8 * Copyright (c) 2004 Joe R. Doupnik --- 28 unchanged lines hidden (view full) --- 37 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 38 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 39 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 40 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 41 * SUCH DAMAGE. 42 */ 43 44#include <sys/cdefs.h> |
45__FBSDID("$FreeBSD: head/lib/libpam/modules/pam_lastlog/pam_lastlog.c 196650 2009-08-30 05:12:37Z jon $"); | 45__FBSDID("$FreeBSD: head/lib/libpam/modules/pam_lastlog/pam_lastlog.c 200413 2009-12-11 14:15:55Z ed $"); |
46 47#define _BSD_SOURCE 48 | 46 47#define _BSD_SOURCE 48 |
49#include <sys/param.h> 50 51#include <fcntl.h> 52#include <libutil.h> 53#include <paths.h> | |
54#include <pwd.h> | 49#include <pwd.h> |
55#include <stdio.h> 56#include <stdlib.h> 57#include <string.h> 58#include <syslog.h> | |
59#include <time.h> | 50#include <time.h> |
60#include <unistd.h> 61#include <utmp.h> | 51#include <ulog.h> |
62 63#define PAM_SM_SESSION 64 65#include <security/pam_appl.h> 66#include <security/pam_modules.h> 67#include <security/pam_mod_misc.h> 68 69PAM_EXTERN int 70pam_sm_open_session(pam_handle_t *pamh, int flags, 71 int argc __unused, const char *argv[] __unused) 72{ 73 struct passwd *pwd; | 52 53#define PAM_SM_SESSION 54 55#include <security/pam_appl.h> 56#include <security/pam_modules.h> 57#include <security/pam_mod_misc.h> 58 59PAM_EXTERN int 60pam_sm_open_session(pam_handle_t *pamh, int flags, 61 int argc __unused, const char *argv[] __unused) 62{ 63 struct passwd *pwd; |
74 struct utmp utmp; 75 struct lastlog ll; | 64 struct ulog_utmpx *utx; |
76 time_t t; 77 const char *user; 78 const void *rhost, *tty; | 65 time_t t; 66 const char *user; 67 const void *rhost, *tty; |
79 off_t llpos; 80 int fd, pam_err; | 68 int pam_err; |
81 82 pam_err = pam_get_user(pamh, &user, NULL); 83 if (pam_err != PAM_SUCCESS) 84 return (pam_err); 85 if (user == NULL || (pwd = getpwnam(user)) == NULL) 86 return (PAM_SERVICE_ERR); 87 PAM_LOG("Got user: %s", user); 88 --- 7 unchanged lines hidden (view full) --- 96 PAM_LOG("No PAM_TTY"); 97 goto err; 98 } 99 if (tty == NULL) { 100 PAM_LOG("No PAM_TTY"); 101 pam_err = PAM_SERVICE_ERR; 102 goto err; 103 } | 69 70 pam_err = pam_get_user(pamh, &user, NULL); 71 if (pam_err != PAM_SUCCESS) 72 return (pam_err); 73 if (user == NULL || (pwd = getpwnam(user)) == NULL) 74 return (PAM_SERVICE_ERR); 75 PAM_LOG("Got user: %s", user); 76 --- 7 unchanged lines hidden (view full) --- 84 PAM_LOG("No PAM_TTY"); 85 goto err; 86 } 87 if (tty == NULL) { 88 PAM_LOG("No PAM_TTY"); 89 pam_err = PAM_SERVICE_ERR; 90 goto err; 91 } |
104 if (strncmp(tty, _PATH_DEV, strlen(_PATH_DEV)) == 0) 105 tty = (const char *)tty + strlen(_PATH_DEV); 106 if (*(const char *)tty == '\0') 107 return (PAM_SERVICE_ERR); | |
108 | 92 |
109 fd = open(_PATH_LASTLOG, O_RDWR|O_CREAT, 0644); 110 if (fd == -1) { 111 PAM_LOG("Failed to open %s", _PATH_LASTLOG); 112 goto file_err; 113 } 114 115 /* 116 * Record session in lastlog(5). 117 */ 118 llpos = (off_t)(pwd->pw_uid * sizeof(ll)); 119 if (lseek(fd, llpos, L_SET) != llpos) 120 goto file_err; | |
121 if ((flags & PAM_SILENT) == 0) { | 93 if ((flags & PAM_SILENT) == 0) { |
122 if (read(fd, &ll, sizeof ll) == sizeof ll && ll.ll_time != 0) { 123 t = ll.ll_time; 124 if (*ll.ll_host != '\0') 125 pam_info(pamh, "Last login: %.*s from %.*s", 126 24 - 5, ctime(&t), 127 (int)sizeof(ll.ll_host), ll.ll_host); 128 else 129 pam_info(pamh, "Last login: %.*s on %.*s", 130 24 - 5, ctime(&t), 131 (int)sizeof(ll.ll_line), ll.ll_line); | 94 if (ulog_setutxfile(UTXF_LASTLOG, NULL) != 0) { 95 PAM_LOG("Failed to open lastlog database"); 96 } else { 97 utx = ulog_getutxuser(user); 98 if (utx != NULL && utx->ut_type == USER_PROCESS) { 99 t = utx->ut_tv.tv_sec; 100 if (*utx->ut_host != '\0') 101 pam_info(pamh, "Last login: %.*s from %s", 102 24 - 5, ctime(&t), utx->ut_host); 103 else 104 pam_info(pamh, "Last login: %.*s on %s", 105 24 - 5, ctime(&t), utx->ut_line); 106 } 107 ulog_endutxent(); |
132 } | 108 } |
133 if (lseek(fd, llpos, L_SET) != llpos) 134 goto file_err; | |
135 } 136 | 109 } 110 |
137 bzero(&ll, sizeof(ll)); 138 ll.ll_time = time(NULL); | 111 ulog_login(tty, user, rhost); |
139 | 112 |
140 /* note: does not need to be NUL-terminated */ 141 strncpy(ll.ll_line, tty, sizeof(ll.ll_line)); 142 if (rhost != NULL && *(const char *)rhost != '\0') 143 /* note: does not need to be NUL-terminated */ 144 strncpy(ll.ll_host, rhost, sizeof(ll.ll_host)); 145 146 if (write(fd, (char *)&ll, sizeof(ll)) != sizeof(ll) || close(fd) != 0) 147 goto file_err; 148 149 PAM_LOG("Login recorded in %s", _PATH_LASTLOG); 150 151 /* 152 * Record session in utmp(5) and wtmp(5). 153 */ 154 bzero(&utmp, sizeof(utmp)); 155 utmp.ut_time = time(NULL); 156 /* note: does not need to be NUL-terminated */ 157 strncpy(utmp.ut_name, user, sizeof(utmp.ut_name)); 158 if (rhost != NULL && *(const char *)rhost != '\0') 159 strncpy(utmp.ut_host, rhost, sizeof(utmp.ut_host)); 160 (void)strncpy(utmp.ut_line, tty, sizeof(utmp.ut_line)); 161 login(&utmp); 162 | |
163 return (PAM_SUCCESS); 164 | 113 return (PAM_SUCCESS); 114 |
165file_err: 166 syslog(LOG_ERR, "%s: %m", _PATH_LASTLOG); 167 if (fd != -1) 168 close(fd); 169 pam_err = PAM_SYSTEM_ERR; | |
170err: 171 if (openpam_get_option(pamh, "no_fail")) 172 return (PAM_SUCCESS); 173 return (pam_err); 174} 175 176PAM_EXTERN int | 115err: 116 if (openpam_get_option(pamh, "no_fail")) 117 return (PAM_SUCCESS); 118 return (pam_err); 119} 120 121PAM_EXTERN int |
177pam_sm_close_session(pam_handle_t *pamh __unused, int flags __unused, | 122pam_sm_close_session(pam_handle_t *pamh, int flags __unused, |
178 int argc __unused, const char *argv[] __unused) 179{ 180 const void *tty; 181 int pam_err; 182 183 pam_err = pam_get_item(pamh, PAM_TTY, (const void **)&tty); 184 if (pam_err != PAM_SUCCESS) 185 goto err; 186 if (tty == NULL) { 187 PAM_LOG("No PAM_TTY"); 188 pam_err = PAM_SERVICE_ERR; 189 goto err; 190 } | 123 int argc __unused, const char *argv[] __unused) 124{ 125 const void *tty; 126 int pam_err; 127 128 pam_err = pam_get_item(pamh, PAM_TTY, (const void **)&tty); 129 if (pam_err != PAM_SUCCESS) 130 goto err; 131 if (tty == NULL) { 132 PAM_LOG("No PAM_TTY"); 133 pam_err = PAM_SERVICE_ERR; 134 goto err; 135 } |
191 if (strncmp(tty, _PATH_DEV, strlen(_PATH_DEV)) == 0) 192 tty = (const char *)tty + strlen(_PATH_DEV); 193 if (*(const char *)tty == '\0') 194 return (PAM_SERVICE_ERR); 195 if (logout(tty) != 1) 196 syslog(LOG_ERR, "%s(): no utmp record for %s", 197 __func__, (const char *)tty); 198 logwtmp(tty, "", ""); | 136 ulog_logout(tty); |
199 return (PAM_SUCCESS); 200 201 err: 202 if (openpam_get_option(pamh, "no_fail")) 203 return (PAM_SUCCESS); 204 return (pam_err); 205} 206 207PAM_MODULE_ENTRY("pam_lastlog"); | 137 return (PAM_SUCCESS); 138 139 err: 140 if (openpam_get_option(pamh, "no_fail")) 141 return (PAM_SUCCESS); 142 return (pam_err); 143} 144 145PAM_MODULE_ENTRY("pam_lastlog"); |