From aswab@panda.isbu.digex.net Mon Nov 5 19:35:42 2001
Received: from fort-point-station.mit.edu (FORT-POINT-STATION.MIT.EDU [18.72.0.53])
by rt-11.mit.edu (8.9.3/8.9.3) with ESMTP id TAA12242
for <bugs@RT-11.mit.edu>; Mon, 5 Nov 2001 19:35:42 -0500 (EST)
Received: from panda.isbu.digex.net (panda.isbu.digex.net [164.109.8.60])
by fort-point-station.mit.edu (8.9.2/8.9.2) with ESMTP id TAA29894
for <krb5-bugs@mit.edu>; Mon, 5 Nov 2001 19:35:41 -0500 (EST)
Received: (from aswab@localhost)
by panda.isbu.digex.net (8.10.2+Sun/8.10.2) id fA60ZBs19687;
Mon, 5 Nov 2001 19:35:11 -0500 (EST)
Message-Id: <200111060035.fA60ZBs19687@panda.isbu.digex.net>
Date: Mon, 5 Nov 2001 19:35:11 -0500 (EST)
From: Alex.Swab@digex.com
Reply-To: Alex.Swab@digex.com
To: krb5-bugs@mit.edu
Subject: patch to fix utmpx updates on Solaris 8 for krb5-1.2.2 update_utmp.c
X-Send-Pr-Version: 3.99
System: SunOS csgate.corp.digex.com 5.8 Generic_108528-09 sun4u sparc SUNW,Ultra-60
Architecture: sun4
The utmpx filename becomes littered with random characters when Kerberos
programs call the pty_update_utmp function. On Solaris 8 sparc, the
littered filename becomes /var/adm/utmp*x where '*' seems to be a random
number of random characters. A new file is created with a different
littered name and contains a single utmpx entry each time the
pty_update_utmp function is called. The 'who' command on Solaris 8
reads the /var/adm/utmpx file by default, so when pty_update_utmp
creates an utmpx entry into a littered filename, 'who' will not show
the Kerberos login, however the 'last' command does show the login
because wtmpx updates seem to be working fine.
onto Solaris 8 sparc and setup klogind server to run from inetd, then
use Kerberos rlogin from a remote machine to login to the klogind.
I'm using the following line in the /etc/inet/inetd.conf for klogind:
eklogin stream tcp nowait root /usr/local/sbin/klogind klogind -5 -c -e -w ip
The results for me is that the user can login and function fine,
but the utmpx file name is littered as described above.
I haven't tested the patched code on other platforms, so I'm not sure
if it won't break another platform. I left most of the code as-is
by still first populating an utmp structure when utmpx is available.
However, I setup preprocessor directives to avoid calling most of the
utmp functions (utmpname, setutent, pututline, and endutent) when
HAVE_SETUTXENT is defined. As original, the code still copies the utmp
structure 'ent' to utmpx structure 'utx' with the getutmpx function
else does the HP-UX/DEC workaround. I moved the setutxent call from
before the getutmpx down to after the utmpx structure is complete just
before the pututxline call. I addeded a utmpxname call just before the
new setutxent and gave it an argument of the preprocessed UTMPX_FILE.
Here is the patch:
*** DIST/krb5-1.2.2/src/util/pty/update_utmp.c Wed Feb 28 17:08:33 2001
--- PATCHED/krb5-1.2.2/src/util/pty/update_utmp.c Mon Nov 5 15:08:10 2001
***************
*** 112,119 ****
--- 112,122 ----
#ifdef HAVE_SETUTENT
+ #ifndef HAVE_SETUTXENT
utmpname(UTMP_FILE);
setutent();
+ #endif
+
/* If we need to preserve the user name in the wtmp structure and
* Our flags tell us we can obtain it from the utmp and we succeed in
* obtaining it, we then save the utmp structure we obtain, write
***************
*** 131,141 ****
}
#endif
pututline(&ent);
endutent();
#ifdef HAVE_SETUTXENT
! setutxent();
#ifdef HAVE_GETUTMPX
getutmpx(&ent, &utx);
#else
--- 134,146 ----
}
#endif
+ #ifndef HAVE_SETUTXENT
pututline(&ent);
endutent();
+ #endif
#ifdef HAVE_SETUTXENT
!
#ifdef HAVE_GETUTMPX
getutmpx(&ent, &utx);
#else
***************
*** 163,168 ****
--- 168,175 ----
strncpy(utx.ut_host, host, sizeof(utx.ut_host));
else
utx.ut_host[0] = 0;
+ utmpxname(UTMPX_FILE);
+ setutxent();
pututxline(&utx);
endutxent();
#endif /* HAVE_SETUTXENT */
Received: from fort-point-station.mit.edu (FORT-POINT-STATION.MIT.EDU [18.72.0.53])
by rt-11.mit.edu (8.9.3/8.9.3) with ESMTP id TAA12242
for <bugs@RT-11.mit.edu>; Mon, 5 Nov 2001 19:35:42 -0500 (EST)
Received: from panda.isbu.digex.net (panda.isbu.digex.net [164.109.8.60])
by fort-point-station.mit.edu (8.9.2/8.9.2) with ESMTP id TAA29894
for <krb5-bugs@mit.edu>; Mon, 5 Nov 2001 19:35:41 -0500 (EST)
Received: (from aswab@localhost)
by panda.isbu.digex.net (8.10.2+Sun/8.10.2) id fA60ZBs19687;
Mon, 5 Nov 2001 19:35:11 -0500 (EST)
Message-Id: <200111060035.fA60ZBs19687@panda.isbu.digex.net>
Date: Mon, 5 Nov 2001 19:35:11 -0500 (EST)
From: Alex.Swab@digex.com
Reply-To: Alex.Swab@digex.com
To: krb5-bugs@mit.edu
Subject: patch to fix utmpx updates on Solaris 8 for krb5-1.2.2 update_utmp.c
X-Send-Pr-Version: 3.99
Show quoted text
>Number: 1011
>Category: pty
>Synopsis: fix for the known utmpx bug described in krb5-1.2.2/README
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: hartmans
>State: open
>Class: sw-bug
>Submitter-Id: unknown
>Arrival-Date: Mon Nov 5 19:36:01 EST 2001
>Last-Modified:
>Originator: Alex Swab
>Organization:
Digex, Inc.>Category: pty
>Synopsis: fix for the known utmpx bug described in krb5-1.2.2/README
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: hartmans
>State: open
>Class: sw-bug
>Submitter-Id: unknown
>Arrival-Date: Mon Nov 5 19:36:01 EST 2001
>Last-Modified:
>Originator: Alex Swab
>Organization:
Show quoted text
>Release: krb5-1.2.2
>Environment:
sparc, Solaris 8>Environment:
System: SunOS csgate.corp.digex.com 5.8 Generic_108528-09 sun4u sparc SUNW,Ultra-60
Architecture: sun4
Show quoted text
>Description:
The utmpx bug is known and documented in the krb5-1.2.2/README.The utmpx filename becomes littered with random characters when Kerberos
programs call the pty_update_utmp function. On Solaris 8 sparc, the
littered filename becomes /var/adm/utmp*x where '*' seems to be a random
number of random characters. A new file is created with a different
littered name and contains a single utmpx entry each time the
pty_update_utmp function is called. The 'who' command on Solaris 8
reads the /var/adm/utmpx file by default, so when pty_update_utmp
creates an utmpx entry into a littered filename, 'who' will not show
the Kerberos login, however the 'last' command does show the login
because wtmpx updates seem to be working fine.
Show quoted text
>How-To-Repeat:
To test, for example, install Kerberos 1.2.2 or some earlier versionsonto Solaris 8 sparc and setup klogind server to run from inetd, then
use Kerberos rlogin from a remote machine to login to the klogind.
I'm using the following line in the /etc/inet/inetd.conf for klogind:
eklogin stream tcp nowait root /usr/local/sbin/klogind klogind -5 -c -e -w ip
The results for me is that the user can login and function fine,
but the utmpx file name is littered as described above.
Show quoted text
>Fix:
I'm including a patch that fixes the utmpx problem on Solaris 8 sparc.I haven't tested the patched code on other platforms, so I'm not sure
if it won't break another platform. I left most of the code as-is
by still first populating an utmp structure when utmpx is available.
However, I setup preprocessor directives to avoid calling most of the
utmp functions (utmpname, setutent, pututline, and endutent) when
HAVE_SETUTXENT is defined. As original, the code still copies the utmp
structure 'ent' to utmpx structure 'utx' with the getutmpx function
else does the HP-UX/DEC workaround. I moved the setutxent call from
before the getutmpx down to after the utmpx structure is complete just
before the pututxline call. I addeded a utmpxname call just before the
new setutxent and gave it an argument of the preprocessed UTMPX_FILE.
Here is the patch:
*** DIST/krb5-1.2.2/src/util/pty/update_utmp.c Wed Feb 28 17:08:33 2001
--- PATCHED/krb5-1.2.2/src/util/pty/update_utmp.c Mon Nov 5 15:08:10 2001
***************
*** 112,119 ****
--- 112,122 ----
#ifdef HAVE_SETUTENT
+ #ifndef HAVE_SETUTXENT
utmpname(UTMP_FILE);
setutent();
+ #endif
+
/* If we need to preserve the user name in the wtmp structure and
* Our flags tell us we can obtain it from the utmp and we succeed in
* obtaining it, we then save the utmp structure we obtain, write
***************
*** 131,141 ****
}
#endif
pututline(&ent);
endutent();
#ifdef HAVE_SETUTXENT
! setutxent();
#ifdef HAVE_GETUTMPX
getutmpx(&ent, &utx);
#else
--- 134,146 ----
}
#endif
+ #ifndef HAVE_SETUTXENT
pututline(&ent);
endutent();
+ #endif
#ifdef HAVE_SETUTXENT
!
#ifdef HAVE_GETUTMPX
getutmpx(&ent, &utx);
#else
***************
*** 163,168 ****
--- 168,175 ----
strncpy(utx.ut_host, host, sizeof(utx.ut_host));
else
utx.ut_host[0] = 0;
+ utmpxname(UTMPX_FILE);
+ setutxent();
pututxline(&utx);
endutxent();
#endif /* HAVE_SETUTXENT */
Show quoted text
>Audit-Trail:
>Unformatted:
>Unformatted: