emo/shadow
1
0
Fork 0
Code Issues Pull Requests Packages Releases Activity

Adding logging of SSH_ORIGINAL_COMMAND to nologin.

Browse Source 
If SSH_ORIGINAL_COMMAND is set, it will be added to the syslog entry.

Closes #123.

Changelog: (SEH squashed commit): Fixing indentation
Changelog: (SEH) break up long line
This commit is contained in:
ed 2019-12-26 13:17:11 +00:00 committed by Serge Hallyn
parent d7add53f06
commit 4c9ec2f5a4
2 changed files with 9 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
man/nologin.8.xml
View File

@ -72,6 +72,9 @@
<citerefentry><refentrytitle>nologin</refentrytitle><manvolnum>5</manvolnum> <citerefentry><refentrytitle>nologin</refentrytitle><manvolnum>5</manvolnum>
</citerefentry>. </citerefentry>.
</para> </para>
<para>
If <command>SSH_ORIGINAL_COMMAND</command> is populated it will be logged.
</para>
</refsect1> </refsect1>
<refsect1 id='see_also'> <refsect1 id='see_also'>

7
src/nologin.c
View File

@ -45,9 +45,14 @@ int main (void)
if (NULL == user) { if (NULL == user) {
user = "UNKNOWN"; user = "UNKNOWN";
} }
char *ssh_origcmd = getenv("SSH_ORIGINAL_COMMAND");
uid = getuid (); /* getuid() is always successful */ uid = getuid (); /* getuid() is always successful */
openlog ("nologin", LOG_CONS, LOG_AUTH); openlog ("nologin", LOG_CONS, LOG_AUTH);
syslog (LOG_CRIT, "Attempted login by %s (UID: %d) on %s", user, uid, tty); syslog (LOG_CRIT, "Attempted login by %s (UID: %d) on %s%s%s",
user, uid, tty,
(ssh_origcmd ? " SSH_ORIGINAL_COMMAND=" : ""),
(ssh_origcmd ? ssh_origcmd : ""));
closelog (); closelog ();
printf ("%s", "This account is currently not available.\n"); printf ("%s", "This account is currently not available.\n");