From 170b76cdd1a9b3879817b961a402a5c952cbe169 Mon Sep 17 00:00:00 2001 From: Alejandro Colomar Date: Wed, 21 Dec 2022 18:33:40 +0100 Subject: [PATCH] Disable utmpx permanently On Linux, utmpx and utmp are identical. However, documentation (manual pages) covers utmp, and just says about utmpx that it's identical to utmp. It seems that it's preferred to use utmp, at least by reading the manual pages. Moreover, we were defaulting to utmp (utmpx had to be explicitly enabled at configuration time). So, it seems safer to just make it permanent, which should not affect default builds. Signed-off-by: Alejandro Colomar --- configure.ac | 17 ---- lib/prototypes.h | 13 --- libmisc/failure.c | 4 - libmisc/failure.h | 8 -- libmisc/limits.c | 13 --- libmisc/user_busy.c | 7 -- libmisc/utmp.c | 188 -------------------------------------------- src/login.c | 31 +------- src/logoutd.c | 34 ++------ 9 files changed, 6 insertions(+), 309 deletions(-) diff --git a/configure.ac b/configure.ac index 9d176d0b..c7dbadd5 100644 --- a/configure.ac +++ b/configure.ac @@ -228,17 +228,6 @@ AC_ARG_ENABLE(account-tools-setuid, [enable_acct_tools_setuid="no"] ) -AC_ARG_ENABLE(utmpx, - [AS_HELP_STRING([--enable-utmpx], - [enable loggin in utmpx / wtmpx @<:@default=no@:>@])], - [case "${enableval}" in - yes) enable_utmpx="yes" ;; - no) enable_utmpx="no" ;; - *) AC_MSG_ERROR(bad value ${enableval} for --enable-utmpx) ;; - esac], - [enable_utmpx="no"] -) - AC_ARG_ENABLE(subordinate-ids, [AS_HELP_STRING([--enable-subordinate-ids], [support subordinate ids @<:@default=yes@:>@])], @@ -697,12 +686,6 @@ if test "$with_skey" = "yes"; then ]])],[AC_DEFINE(SKEY_BSD_STYLE, 1, [Define to support newer BSD S/Key API])],[]) fi -if test "$enable_utmpx" = "yes"; then - AC_DEFINE(USE_UTMPX, - 1, - [Define if utmpx should be used]) -fi - AC_DEFINE_UNQUOTED(SHELL, ["$SHELL"], [The default shell.]) AM_GNU_GETTEXT_VERSION([0.19]) diff --git a/lib/prototypes.h b/lib/prototypes.h index 885c7391..d2314dcd 100644 --- a/lib/prototypes.h +++ b/lib/prototypes.h @@ -22,11 +22,7 @@ #include #include -#ifdef USE_UTMPX -#include -#else #include -#endif #include #include #include @@ -466,21 +462,12 @@ extern int set_filesize_limit (int blocks); extern int user_busy (const char *name, uid_t uid); /* utmp.c */ -#ifndef USE_UTMPX extern /*@null@*/struct utmp *get_current_utmp (void); extern struct utmp *prepare_utmp (const char *name, const char *line, const char *host, /*@null@*/const struct utmp *ut); extern int setutmp (struct utmp *ut); -#else -extern /*@null@*/struct utmpx *get_current_utmp (void); -extern struct utmpx *prepare_utmpx (const char *name, - const char *line, - const char *host, - /*@null@*/const struct utmpx *ut); -extern int setutmpx (struct utmpx *utx); -#endif /* USE_UTMPX */ /* valid.c */ extern bool valid (const char *, const struct passwd *); diff --git a/libmisc/failure.c b/libmisc/failure.c index 1aab299c..fb4bcde3 100644 --- a/libmisc/failure.c +++ b/libmisc/failure.c @@ -243,11 +243,7 @@ void failprint (const struct faillog *fail) */ void failtmp (const char *username, -#ifdef USE_UTMPX - const struct utmpx *failent -#else /* !USE_UTMPX */ const struct utmp *failent -#endif /* !USE_UTMPX */ ) { const char *ftmp; diff --git a/libmisc/failure.h b/libmisc/failure.h index 2ac30d7f..374e54cc 100644 --- a/libmisc/failure.h +++ b/libmisc/failure.h @@ -13,11 +13,7 @@ #include "defines.h" #include "faillog.h" -#ifdef USE_UTMPX -#include -#else /* !USE_UTMPX */ #include -#endif /* !USE_UTMPX */ /* * failure - make failure entry @@ -51,11 +47,7 @@ extern void failprint (const struct faillog *); * failtmp updates the (struct utmp) formatted failure log which * maintains a record of all login failures. */ -#ifdef USE_UTMPX -extern void failtmp (const char *username, const struct utmpx *); -#else /* !USE_UTMPX */ extern void failtmp (const char *username, const struct utmp *); -#endif /* !USE_UTMPX */ #endif diff --git a/libmisc/limits.c b/libmisc/limits.c index 99518679..cf0e30ae 100644 --- a/libmisc/limits.c +++ b/libmisc/limits.c @@ -119,11 +119,7 @@ static int set_umask (const char *value) /* Counts the number of user logins and check against the limit */ static int check_logins (const char *name, const char *maxlogins) { -#ifdef USE_UTMPX - struct utmpx *ut; -#else /* !USE_UTMPX */ struct utmp *ut; -#endif /* !USE_UTMPX */ unsigned long limit, count; if (getulong (maxlogins, &limit) == 0) { @@ -136,13 +132,8 @@ static int check_logins (const char *name, const char *maxlogins) } count = 0; -#ifdef USE_UTMPX - setutxent (); - while ((ut = getutxent ())) -#else /* !USE_UTMPX */ setutent (); while ((ut = getutent ())) -#endif /* !USE_UTMPX */ { if (USER_PROCESS != ut->ut_type) { continue; @@ -158,11 +149,7 @@ static int check_logins (const char *name, const char *maxlogins) break; } } -#ifdef USE_UTMPX - endutxent (); -#else /* !USE_UTMPX */ endutent (); -#endif /* !USE_UTMPX */ /* * This is called after setutmp(), so the number of logins counted * includes the user who is currently trying to log in. diff --git a/libmisc/user_busy.c b/libmisc/user_busy.c index c03feb29..1a4ea341 100644 --- a/libmisc/user_busy.c +++ b/libmisc/user_busy.c @@ -52,17 +52,10 @@ int user_busy (const char *name, uid_t uid) #ifndef __linux__ static int user_busy_utmp (const char *name) { -#ifdef USE_UTMPX - struct utmpx *utent; - - setutxent (); - while ((utent = getutxent ()) != NULL) -#else /* !USE_UTMPX */ struct utmp *utent; setutent (); while ((utent = getutent ()) != NULL) -#endif /* !USE_UTMPX */ { if (utent->ut_type != USER_PROCESS) { continue; diff --git a/libmisc/utmp.c b/libmisc/utmp.c index 45b479f1..6662bbe9 100644 --- a/libmisc/utmp.c +++ b/libmisc/utmp.c @@ -12,12 +12,7 @@ #include "defines.h" #include "prototypes.h" -#ifdef USE_UTMPX -#include -#else #include -#endif - #include #include #include @@ -75,7 +70,6 @@ static bool is_my_tty (const char *tty) * * Return NULL if no entries exist in utmp for the current process. */ -#ifndef USE_UTMPX /*@null@*/ /*@only@*/struct utmp *get_current_utmp (void) { struct utmp *ut; @@ -109,35 +103,6 @@ static bool is_my_tty (const char *tty) return ret; } -#else -/*@null@*/ /*@only*/struct utmpx *get_current_utmp(void) -{ - struct utmpx *ut; - struct utmpx *ret = NULL; - - setutxent (); - - /* Find the utmpx entry for this PID. */ - while ((ut = getutxent ()) != NULL) { - if ( (ut->ut_pid == getpid ()) - && ('\0' != ut->ut_id[0]) - && ( (LOGIN_PROCESS == ut->ut_type) - || (USER_PROCESS == ut->ut_type)) - && is_my_tty (ut->ut_line)) { - break; - } - } - - if (NULL != ut) { - ret = (struct utmpx *) xmalloc (sizeof (*ret)); - memcpy (ret, ut, sizeof (*ret)); - } - - endutxent (); - - return ret; -} -#endif #ifndef USE_PAM @@ -158,24 +123,9 @@ static void updwtmp (const char *filename, const struct utmp *ut) } #endif /* ! HAVE_UPDWTMP */ -#ifdef USE_UTMPX -#ifndef HAVE_UPDWTMPX -static void updwtmpx (const char *filename, const struct utmpx *utx) -{ - int fd; - - fd = open (filename, O_APPEND | O_WRONLY, 0); - if (fd >= 0) { - write (fd, (const char *) utx, sizeof (*utx)); - close (fd); - } -} -#endif /* ! HAVE_UPDWTMPX */ -#endif /* ! USE_UTMPX */ #endif /* ! USE_PAM */ -#ifndef USE_UTMPX /* * prepare_utmp - prepare an utmp entry so that it can be logged in a * utmp/wtmp file. @@ -334,141 +284,3 @@ int setutmp (struct utmp *ut) return err; } - -#else -/* - * prepare_utmpx - the UTMPX version for prepare_utmp - */ -/*@only@*/struct utmpx *prepare_utmpx (const char *name, - const char *line, - const char *host, - /*@null@*/const struct utmpx *ut) -{ - struct timeval tv; - char *hostname = NULL; - struct utmpx *utxent; - - assert (NULL != name); - assert (NULL != line); - - - - if ( (NULL != host) - && ('\0' != host[0])) { - hostname = (char *) xmalloc (strlen (host) + 1); - strcpy (hostname, host); -#ifdef HAVE_STRUCT_UTMP_UT_HOST - } else if ( (NULL != ut) - && (NULL != ut->ut_host) - && ('\0' != ut->ut_host[0])) { - hostname = (char *) xmalloc (sizeof (ut->ut_host) + 1); - strncpy (hostname, ut->ut_host, sizeof (ut->ut_host)); - hostname[sizeof (ut->ut_host)] = '\0'; -#endif /* HAVE_STRUCT_UTMP_UT_TYPE */ - } - - if (strncmp(line, "/dev/", 5) == 0) { - line += 5; - } - - utxent = (struct utmpx *) xmalloc (sizeof (*utxent)); - memzero (utxent, sizeof (*utxent)); - - - - utxent->ut_type = USER_PROCESS; - utxent->ut_pid = getpid (); - strncpy (utxent->ut_line, line, sizeof (utxent->ut_line)); - /* existence of ut->ut_id is enforced by configure */ - if (NULL != ut) { - strncpy (utxent->ut_id, ut->ut_id, sizeof (utxent->ut_id)); - } else { - /* XXX - assumes /dev/tty?? */ - strncpy (utxent->ut_id, line + 3, sizeof (utxent->ut_id)); - } -#ifdef HAVE_STRUCT_UTMPX_UT_NAME - strncpy (utxent->ut_name, name, sizeof (utxent->ut_name)); -#endif /* HAVE_STRUCT_UTMPX_UT_NAME */ - strncpy (utxent->ut_user, name, sizeof (utxent->ut_user)); - if (NULL != hostname) { - struct addrinfo *info = NULL; -#ifdef HAVE_STRUCT_UTMPX_UT_HOST - strncpy (utxent->ut_host, hostname, sizeof (utxent->ut_host)); -#endif /* HAVE_STRUCT_UTMPX_UT_HOST */ -#ifdef HAVE_STRUCT_UTMPX_UT_SYSLEN - utxent->ut_syslen = MIN (strlen (hostname), - sizeof (utxent->ut_host)); -#endif /* HAVE_STRUCT_UTMPX_UT_SYSLEN */ -#if defined(HAVE_STRUCT_UTMPX_UT_ADDR) || defined(HAVE_STRUCT_UTMPX_UT_ADDR_V6) - if (getaddrinfo (hostname, NULL, NULL, &info) == 0) { - /* getaddrinfo might not be reliable. - * Just try to log what may be useful. - */ - if (info->ai_family == AF_INET) { - struct sockaddr_in *sa = - (struct sockaddr_in *) info->ai_addr; -#ifdef HAVE_STRUCT_UTMPX_UT_ADDR - memcpy (&utxent->ut_addr, - &(sa->sin_addr), - MIN (sizeof (utxent->ut_addr), - sizeof (sa->sin_addr))); -#endif /* HAVE_STRUCT_UTMPX_UT_ADDR */ -#ifdef HAVE_STRUCT_UTMPX_UT_ADDR_V6 - memcpy (utxent->ut_addr_v6, - &(sa->sin_addr), - MIN (sizeof (utxent->ut_addr_v6), - sizeof (sa->sin_addr))); - } else if (info->ai_family == AF_INET6) { - struct sockaddr_in6 *sa = - (struct sockaddr_in6 *) info->ai_addr; - memcpy (utxent->ut_addr_v6, - &(sa->sin6_addr), - MIN (sizeof (utxent->ut_addr_v6), - sizeof (sa->sin6_addr))); -#endif /* HAVE_STRUCT_UTMPX_UT_ADDR_V6 */ - } - freeaddrinfo (info); - } -#endif /* HAVE_STRUCT_UTMPX_UT_ADDR || HAVE_STRUCT_UTMPX_UT_ADDR_V6 */ - free (hostname); - } - /* ut_exit is only for DEAD_PROCESS */ - utxent->ut_session = getsid (0); - if (gettimeofday (&tv, NULL) == 0) { -#ifdef HAVE_STRUCT_UTMPX_UT_TIME - utxent->ut_time = tv.tv_sec; -#endif /* HAVE_STRUCT_UTMPX_UT_TIME */ -#ifdef HAVE_STRUCT_UTMPX_UT_XTIME - utxent->ut_xtime = tv.tv_usec; -#endif /* HAVE_STRUCT_UTMPX_UT_XTIME */ - utxent->ut_tv.tv_sec = tv.tv_sec; - utxent->ut_tv.tv_usec = tv.tv_usec; - } - - return utxent; -} - -/* - * setutmpx - the UTMPX version for setutmp - */ -int setutmpx (struct utmpx *utx) -{ - int err = 0; - - assert (NULL != utx); - - setutxent (); - if (pututxline (utx) == NULL) { - err = 1; - } - endutxent (); - -#ifndef USE_PAM - /* This is done by pam_lastlog */ - updwtmpx (_WTMP_FILE "x", utx); -#endif /* ! USE_PAM */ - - return err; -} -#endif /* USE_UTMPX */ - diff --git a/src/login.c b/src/login.c index 00482816..eb1b20c9 100644 --- a/src/login.c +++ b/src/login.c @@ -107,11 +107,7 @@ static /*@observer@*/const char *get_failent_user (/*@returned@*/const char *use static void update_utmp (const char *user, const char *tty, const char *host, -#ifdef USE_UTMPX - /*@null@*/const struct utmpx *utent -#else /*@null@*/const struct utmp *utent -#endif ); #ifndef USE_PAM @@ -462,26 +458,13 @@ static /*@observer@*/const char *get_failent_user (/*@returned@*/const char *use static void update_utmp (const char *user, const char *tty, const char *host, -#ifdef USE_UTMPX - /*@null@*/const struct utmpx *utent -#else /*@null@*/const struct utmp *utent -#endif ) { -#ifdef USE_UTMPX - struct utmpx *utx = prepare_utmpx (user, tty, host, utent); -#else struct utmp *ut = prepare_utmp (user, tty, host, utent); -#endif /* USE_UTMPX */ -#ifndef USE_UTMPX (void) setutmp (ut); /* make entry in the utmp & wtmp files */ free (ut); -#else - (void) setutmpx (utx); /* make entry in the utmpx & wtmpx files */ - free (utx); -#endif /* USE_UTMPX */ } /* @@ -526,11 +509,7 @@ int main (int argc, char **argv) struct passwd *pwd = NULL; char **envp = environ; const char *failent_user; -#ifdef USE_UTMPX - /*@null@*/struct utmpx *utent; -#else /*@null@*/struct utmp *utent; -#endif #ifdef USE_PAM int retcode; @@ -674,7 +653,7 @@ int main (int argc, char **argv) if (rflg || hflg) { cp = hostname; -#if defined(HAVE_STRUCT_UTMP_UT_HOST) || defined(USE_UTMPX) +#if defined(HAVE_STRUCT_UTMP_UT_HOST) } else if ((NULL != utent) && ('\0' != utent->ut_host[0])) { cp = utent->ut_host; #endif /* HAVE_STRUCT_UTMP_UT_HOST */ @@ -1036,19 +1015,11 @@ int main (int argc, char **argv) failure (pwd->pw_uid, tty, &faillog); } if (getdef_str ("FTMP_FILE") != NULL) { -#ifdef USE_UTMPX - struct utmpx *failent = - prepare_utmpx (failent_user, - tty, - /* FIXME: or fromhost? */hostname, - utent); -#else /* !USE_UTMPX */ struct utmp *failent = prepare_utmp (failent_user, tty, hostname, utent); -#endif /* !USE_UTMPX */ failtmp (failent_user, failent); free (failent); } diff --git a/src/logoutd.c b/src/logoutd.c index 03680f3f..76b93086 100644 --- a/src/logoutd.c +++ b/src/logoutd.c @@ -32,21 +32,13 @@ const char *Prog; #endif /* local function prototypes */ -#ifdef USE_UTMPX -static int check_login (const struct utmpx *ut); -#else /* !USE_UTMPX */ static int check_login (const struct utmp *ut); -#endif /* !USE_UTMPX */ static void send_mesg_to_tty (int tty_fd); /* - * check_login - check if user (struct utmpx/utmp) allowed to stay logged in + * check_login - check if user (struct utmp) allowed to stay logged in */ -#ifdef USE_UTMPX -static int check_login (const struct utmpx *ut) -#else /* !USE_UTMPX */ static int check_login (const struct utmp *ut) -#endif /* !USE_UTMPX */ { char user[sizeof (ut->ut_user) + 1]; time_t now; @@ -116,7 +108,7 @@ static void send_mesg_to_tty (int tty_fd) * * logoutd is started at system boot time and enforces the login * time and port restrictions specified in /etc/porttime. The - * utmpx/utmp file is periodically scanned and offending users are logged + * utmp file is periodically scanned and offending users are logged * off from the system. */ int main (int argc, char **argv) @@ -125,11 +117,7 @@ int main (int argc, char **argv) int status; pid_t pid; -#ifdef USE_UTMPX - struct utmpx *ut; -#else /* !USE_UTMPX */ struct utmp *ut; -#endif /* !USE_UTMPX */ char user[sizeof (ut->ut_user) + 1]; /* terminating NUL */ char tty_name[sizeof (ut->ut_line) + 6]; /* /dev/ + NUL */ int tty_fd; @@ -171,31 +159,23 @@ int main (int argc, char **argv) OPENLOG ("logoutd"); /* - * Scan the utmpx/utmp file once per minute looking for users that + * Scan the utmp file once per minute looking for users that * are not supposed to still be logged in. */ while (true) { /* - * Attempt to re-open the utmpx/utmp file. The file is only + * Attempt to re-open the utmp file. The file is only * open while it is being used. */ -#ifdef USE_UTMPX - setutxent (); -#else /* !USE_UTMPX */ setutent (); -#endif /* !USE_UTMPX */ /* - * Read all of the entries in the utmpx/utmp file. The entries + * Read all of the entries in the utmp file. The entries * for login sessions will be checked to see if the user * is permitted to be signed on at this time. */ -#ifdef USE_UTMPX - while ((ut = getutxent ()) != NULL) -#else /* !USE_UTMPX */ while ((ut = getutent ()) != NULL) -#endif /* !USE_UTMPX */ { if (ut->ut_type != USER_PROCESS) { continue; @@ -259,11 +239,7 @@ int main (int argc, char **argv) exit (EXIT_SUCCESS); } -#ifdef USE_UTMPX - endutxent (); -#else /* !USE_UTMPX */ endutent (); -#endif /* !USE_UTMPX */ #ifndef DEBUG sleep (60);