From opusl@whatmore.Stanford.EDU Fri Jan 23 20:37:18 1998
Received: from MIT.EDU (PACIFIC-CARRIER-ANNEX.MIT.EDU [18.69.0.28]) by rt-11.MIT.EDU (8.7.5/8.7.3) with SMTP id UAA09385 for <bugs@RT-11.MIT.EDU>; Fri, 23 Jan 1998 20:37:17 -0500
Received: from whatmore.Stanford.EDU by MIT.EDU with SMTP
id AA10479; Fri, 23 Jan 98 20:37:24 EST
Received: (from opusl@localhost)
by whatmore.Stanford.EDU (8.8.8/8.8.8) id RAA29495;
Fri, 23 Jan 1998 17:37:05 -0800 (PST)
Message-Id: <199801240137.RAA29495@whatmore.Stanford.EDU>
Date: Fri, 23 Jan 1998 17:37:05 -0800 (PST)
From: Larry Schwimmer <opusl@whatmore.Stanford.EDU>
To: krb5-bugs@MIT.EDU
Cc: schwim@leland.stanford.edu
Subject: update_[uw]tmp? (HPUX) getutline mismatch?
On HP-UX, pty_cleanup does not update wtmp correctly.
Consequently, last never shows logouts. Since our security officer
relies on wtmp logs to track down some problems, having the
information correct is important.
With krb5-1.0.4 telnetd or klogind, log in and log out.
The logout entry for /var/adm/wtmp is incorrect: the pid is incorrect
and the username and hostname fields are empty. HP-UX relies on the
PID matching, so the written entry is skipped.
1) util/pty/update_utmp.c
The code to extract the username from utmp is incorrect.
The line being passed in is the full path; getutline, however,
expects only the short name (name minus "/dev/") to be passed in.
Further, the name obtained by pty_update_utmp is never
actually used by pty_update_wtmp since it isn't copied into the utmp
structure passed in since since pty_update_wtmp uses that utmp
structure. So the values must also be copied into the utmp structure.
2) util/pty/update_wtmp.c
Copy the name into the utmp record that is written if the
current entry has none.
For HP-UX, use the pid from the current utmp entry, not the
pid of the current process, when creating the logout wtmp entry.
--- util/pty/update_utmp.c.orig Sun Feb 2 16:40:35 1997
+++ util/pty/update_utmp.c Tue Jan 20 09:31:05 1998
***************
*** 118,127 ****
&&line)
{
struct utmp *utptr;
- strncpy(ut.ut_line, line, sizeof(ut.ut_line));
utptr = getutline(&ut);
- if (utptr)
strncpy(userbuf,utptr->ut_user,sizeof(ut.ut_user));
}
#endif
--- 118,136 ----
&&line)
{
struct utmp *utptr;
+ /* we use line+5 to ignore "/dev/" */
+ strncpy(ut.ut_line, line+5, sizeof(ut.ut_line));
utptr = getutline(&ut);
+ if (utptr) {
strncpy(userbuf,utptr->ut_user,sizeof(ut.ut_user));
+ /* If the username must match, so must the pid */
+ ent.ut_pid = utptr->ut_pid;
+ #ifndef NO_UT_HOST
+ /* And we might as well have the host entry correct */
+ if (!ent.ut_host[0])
+ strncpy(ent.ut_host, utptr->ut_host, sizeof(ent.ut_host));
+ #endif
+ }
}
#endif
--- util/pty/update_wtmp.c.orig Fri Dec 20 11:10:17 1996
+++ util/pty/update_wtmp.c Tue Jan 20 07:12:39 1998
***************
*** 68,74 ****
strncpy (ut.ut_id, ent->ut_id, sizeof (ut.ut_id));
#endif
(void)strncpy(ut.ut_line, ent->ut_line, sizeof(ut.ut_line));
- (void)strncpy(ut.ut_name, ent->ut_name, sizeof(ut.ut_name));
#ifndef NO_UT_HOST
(void)strncpy(ut.ut_host, ent->ut_host, sizeof(ut.ut_host));
#endif
--- 68,77 ----
strncpy (ut.ut_id, ent->ut_id, sizeof (ut.ut_id));
#endif
(void)strncpy(ut.ut_line, ent->ut_line, sizeof(ut.ut_line));
+ if (!*ent->ut_name && user)
+ (void)strncpy(ut.ut_name, user, sizeof(ut.ut_name));
+ else
+ (void)strncpy(ut.ut_name, ent->ut_name, sizeof(ut.ut_name));
#ifndef NO_UT_HOST
(void)strncpy(ut.ut_host, ent->ut_host, sizeof(ut.ut_host));
#endif
***************
*** 76,87 ****
ut.ut_time = uttime;
#if defined(HAVE_GETUTENT) && defined(USER_PROCESS)
if (ent->ut_name) {
- if (!ut.ut_pid)
- ut.ut_pid = getpid();
#ifndef __hpux
ut.ut_type = USER_PROCESS;
#else
ut.ut_type = ent->ut_type;
#endif
} else {
#ifdef EMPTY
--- 79,91 ----
ut.ut_time = uttime;
#if defined(HAVE_GETUTENT) && defined(USER_PROCESS)
if (ent->ut_name) {
#ifndef __hpux
ut.ut_type = USER_PROCESS;
+ if (!ut.ut_pid)
+ ut.ut_pid = getpid();
#else
ut.ut_type = ent->ut_type;
+ ut.ut_pid = ent->ut_pid;
#endif
} else {
#ifdef EMPTY
Responsible-Changed-From-To: gnats-admin->tlyu
Responsible-Changed-By: tlyu
Responsible-Changed-When: Mon Jan 26 23:06:58 1998
Responsible-Changed-Why:
Refiled
Received: from MIT.EDU (PACIFIC-CARRIER-ANNEX.MIT.EDU [18.69.0.28]) by rt-11.MIT.EDU (8.7.5/8.7.3) with SMTP id UAA09385 for <bugs@RT-11.MIT.EDU>; Fri, 23 Jan 1998 20:37:17 -0500
Received: from whatmore.Stanford.EDU by MIT.EDU with SMTP
id AA10479; Fri, 23 Jan 98 20:37:24 EST
Received: (from opusl@localhost)
by whatmore.Stanford.EDU (8.8.8/8.8.8) id RAA29495;
Fri, 23 Jan 1998 17:37:05 -0800 (PST)
Message-Id: <199801240137.RAA29495@whatmore.Stanford.EDU>
Date: Fri, 23 Jan 1998 17:37:05 -0800 (PST)
From: Larry Schwimmer <opusl@whatmore.Stanford.EDU>
To: krb5-bugs@MIT.EDU
Cc: schwim@leland.stanford.edu
Subject: update_[uw]tmp? (HPUX) getutline mismatch?
Show quoted text
>Number: 534
>Category: pty
>Synopsis: update_[uw]tmp? (HPUX) getutline mismatch?
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: tlyu
>State: open
>Class: sw-bug
>Submitter-Id: unknown
>Arrival-Date: Fri Jan 23 20:38:01 EST 1998
>Last-Modified: Fri Sep 14 10:40:47 EDT 2001
>Originator: Larry Schwimmer
>Organization:
Stanford>Category: pty
>Synopsis: update_[uw]tmp? (HPUX) getutline mismatch?
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: tlyu
>State: open
>Class: sw-bug
>Submitter-Id: unknown
>Arrival-Date: Fri Jan 23 20:38:01 EST 1998
>Last-Modified: Fri Sep 14 10:40:47 EDT 2001
>Originator: Larry Schwimmer
>Organization:
Show quoted text
>Release: krb5-1.0.4
>Environment:
HP-UX>Environment:
Show quoted text
>Description:
On HP-UX, pty_cleanup does not update wtmp correctly.
Consequently, last never shows logouts. Since our security officer
relies on wtmp logs to track down some problems, having the
information correct is important.
Show quoted text
>How-To-Repeat:
With krb5-1.0.4 telnetd or klogind, log in and log out.
The logout entry for /var/adm/wtmp is incorrect: the pid is incorrect
and the username and hostname fields are empty. HP-UX relies on the
PID matching, so the written entry is skipped.
Show quoted text
>Fix:
1) util/pty/update_utmp.c
The code to extract the username from utmp is incorrect.
The line being passed in is the full path; getutline, however,
expects only the short name (name minus "/dev/") to be passed in.
Further, the name obtained by pty_update_utmp is never
actually used by pty_update_wtmp since it isn't copied into the utmp
structure passed in since since pty_update_wtmp uses that utmp
structure. So the values must also be copied into the utmp structure.
2) util/pty/update_wtmp.c
Copy the name into the utmp record that is written if the
current entry has none.
For HP-UX, use the pid from the current utmp entry, not the
pid of the current process, when creating the logout wtmp entry.
--- util/pty/update_utmp.c.orig Sun Feb 2 16:40:35 1997
+++ util/pty/update_utmp.c Tue Jan 20 09:31:05 1998
***************
*** 118,127 ****
&&line)
{
struct utmp *utptr;
- strncpy(ut.ut_line, line, sizeof(ut.ut_line));
utptr = getutline(&ut);
- if (utptr)
strncpy(userbuf,utptr->ut_user,sizeof(ut.ut_user));
}
#endif
--- 118,136 ----
&&line)
{
struct utmp *utptr;
+ /* we use line+5 to ignore "/dev/" */
+ strncpy(ut.ut_line, line+5, sizeof(ut.ut_line));
utptr = getutline(&ut);
+ if (utptr) {
strncpy(userbuf,utptr->ut_user,sizeof(ut.ut_user));
+ /* If the username must match, so must the pid */
+ ent.ut_pid = utptr->ut_pid;
+ #ifndef NO_UT_HOST
+ /* And we might as well have the host entry correct */
+ if (!ent.ut_host[0])
+ strncpy(ent.ut_host, utptr->ut_host, sizeof(ent.ut_host));
+ #endif
+ }
}
#endif
--- util/pty/update_wtmp.c.orig Fri Dec 20 11:10:17 1996
+++ util/pty/update_wtmp.c Tue Jan 20 07:12:39 1998
***************
*** 68,74 ****
strncpy (ut.ut_id, ent->ut_id, sizeof (ut.ut_id));
#endif
(void)strncpy(ut.ut_line, ent->ut_line, sizeof(ut.ut_line));
- (void)strncpy(ut.ut_name, ent->ut_name, sizeof(ut.ut_name));
#ifndef NO_UT_HOST
(void)strncpy(ut.ut_host, ent->ut_host, sizeof(ut.ut_host));
#endif
--- 68,77 ----
strncpy (ut.ut_id, ent->ut_id, sizeof (ut.ut_id));
#endif
(void)strncpy(ut.ut_line, ent->ut_line, sizeof(ut.ut_line));
+ if (!*ent->ut_name && user)
+ (void)strncpy(ut.ut_name, user, sizeof(ut.ut_name));
+ else
+ (void)strncpy(ut.ut_name, ent->ut_name, sizeof(ut.ut_name));
#ifndef NO_UT_HOST
(void)strncpy(ut.ut_host, ent->ut_host, sizeof(ut.ut_host));
#endif
***************
*** 76,87 ****
ut.ut_time = uttime;
#if defined(HAVE_GETUTENT) && defined(USER_PROCESS)
if (ent->ut_name) {
- if (!ut.ut_pid)
- ut.ut_pid = getpid();
#ifndef __hpux
ut.ut_type = USER_PROCESS;
#else
ut.ut_type = ent->ut_type;
#endif
} else {
#ifdef EMPTY
--- 79,91 ----
ut.ut_time = uttime;
#if defined(HAVE_GETUTENT) && defined(USER_PROCESS)
if (ent->ut_name) {
#ifndef __hpux
ut.ut_type = USER_PROCESS;
+ if (!ut.ut_pid)
+ ut.ut_pid = getpid();
#else
ut.ut_type = ent->ut_type;
+ ut.ut_pid = ent->ut_pid;
#endif
} else {
#ifdef EMPTY
Show quoted text
>Audit-Trail:
Responsible-Changed-From-To: gnats-admin->tlyu
Responsible-Changed-By: tlyu
Responsible-Changed-When: Mon Jan 26 23:06:58 1998
Responsible-Changed-Why:
Refiled
Show quoted text
>Unformatted: