Ticket #9 (new enhancement)

Opened 22 months ago

Last modified 2 months ago

[PATCH] Allow pam_lastlog to write to utmp as an option

Reported by: shadowkyogre Owned by: pam-developers@…
Priority: major Component: modules
Version: 1.1.x Keywords: pam_lastlog utmp update patch prototype
Cc: Blocked By:
Blocking:

Description

The following patch for pam_lastlog allows it to write to utmp as well as wtmp. Part of the code is from xorg-sessreg to help make a utmp entry. I only tested this on my desktop, which is running Arch Linux, so some modifications may need to be made in order to make it more portable.

Attachments

lastlog_write_to_utmp.patch (6.4 KB) - added by shadowkyogre 22 months ago.
Remove the frees put in there because it freed memory that didn't need to be freed

Change History

comment:1 Changed 22 months ago by shadowkyogre

  • Summary changed from Allow pam_lastlog to write to utmp as an option to [PATCH] Allow pam_lastlog to write to utmp as an option

Changed 22 months ago by shadowkyogre

Remove the frees put in there because it freed memory that didn't need to be freed

comment:2 Changed 8 months ago by kukuk

The patch has some problems. I think at least at one place, WTMP and UTMP are mixed, and on others, comments needs to be adjusted. Beside that, changing the default behavior is not a good idea and will not be made with a 1.1.X release, since all systems will got broken with this update.

But the big question is: why does pam_lastlog need to write an utmp entry? Normally this is done by the application, because the PAM module does not really now if everything as successful or if an error occurded somewhere.

comment:3 Changed 2 months ago by shadowkyogre

Sorry for the long delay on replying. As for why that was the case (for why I wrote the patch), I wasn't aware that it was the responsibility of the login program at the time of writing it. It was during a time that I was testing out developing a login program in python and the python-utmp library only provided read-access when I was trying to use it to record utmp entries (which was pretty odd, and I had to rely on sessreg in order to log the entries reliably) after authenticating the user. Which led me to fiddling around in pypam to make authenticating easier, but had to search around various other sources to see how utmp entries were recorded (including sessreg's source).

As for preserving the default behavior, would it be more sane to assume that the utmp logging should always be turned off?

Note: See TracTickets for help on using tickets.