Log to wtmp and btmp

Author: robert-ancell

src/session-child.c

@@ -13,6 +13,7 @@
 #include <grp.h>
 #include <glib.h>
 #include <security/pam_appl.h>
+#include <utmp.h>
 #include <utmpx.h>
 #include <sys/mman.h>
 
@@ -196,6 +197,29 @@ read_xauth (void)
     return x_authority_new (x_authority_family, x_authority_address, x_authority_address_length, x_authority_number, x_authority_name, x_authority_data, x_authority_data_length);
 }
 
+/* GNU provides this but we can't rely on that so let's make our own version */
+static void
+updwtmpx (const gchar *wtmp_file, struct utmpx *ut)
+{
+    struct utmp u;
+
+    memset (&u, 0, sizeof (u));
+    u.ut_type = ut->ut_type;
+    u.ut_pid = ut->ut_pid;
+    if (ut->ut_line)
+        strncpy (u.ut_line, ut->ut_line, sizeof (u.ut_line));
+    if (ut->ut_id)
+        strncpy (u.ut_id, ut->ut_id, sizeof (u.ut_id));
+    if (ut->ut_user)
+        strncpy (u.ut_user, ut->ut_user, sizeof (u.ut_user));
+    if (ut->ut_host)
+        strncpy (u.ut_host, ut->ut_host, sizeof (u.ut_host));
+    u.ut_tv.tv_sec = ut->ut_tv.tv_sec;
+    u.ut_tv.tv_usec = ut->ut_tv.tv_usec;
+  
+    updwtmp (wtmp_file, &u);
+}
+
 int
 session_child_run (int argc, char **argv)
 {
@@ -333,6 +357,34 @@ session_child_run (int argc, char **argv)
         g_free (username);
         username = g_strdup (new_username);
 
+        /* Write record to btmp database */
+        if (authentication_result == PAM_AUTH_ERR)
+        {
+            struct utmpx ut;
+            struct timeval tv;
+
+            memset (&ut, 0, sizeof (ut));
+            ut.ut_type = USER_PROCESS;
+            ut.ut_pid = getpid ();
+            if (xdisplay)
+            {
+                strncpy (ut.ut_line, xdisplay, sizeof (ut.ut_line));
+                strncpy (ut.ut_id, xdisplay, sizeof (ut.ut_id));
+            }
+            else if (tty)
+                strncpy (ut.ut_line, tty + strlen ("/dev/"), sizeof (ut.ut_line));
+            strncpy (ut.ut_user, username, sizeof (ut.ut_user));
+            if (xdisplay)
+                strncpy (ut.ut_host, xdisplay, sizeof (ut.ut_host));
+            else if (remote_host_name)
+                strncpy (ut.ut_host, remote_host_name, sizeof (ut.ut_host));
+            gettimeofday (&tv, NULL);
+            ut.ut_tv.tv_sec = tv.tv_sec;
+            ut.ut_tv.tv_usec = tv.tv_usec;
+
+            updwtmpx ("/var/log/btmp", &ut);
+        }
+
         /* Check account is valid */
         if (authentication_result == PAM_SUCCESS)
             authentication_result = pam_acct_mgmt (pam_handle, 0);
@@ -617,10 +669,12 @@ session_child_run (int argc, char **argv)
             ut.ut_tv.tv_sec = tv.tv_sec;
             ut.ut_tv.tv_usec = tv.tv_usec;
 
+            /* Write records to utmp/wtmp databases */
             setutxent ();
             if (!pututxline (&ut))
                 g_printerr ("Failed to write utmpx: %s\n", strerror (errno));
             endutxent ();
+            updwtmpx ("/var/log/wtmp", &ut);
         }
 
         waitpid (child_pid, &return_code, 0);
@@ -651,10 +705,12 @@ session_child_run (int argc, char **argv)
             ut.ut_tv.tv_sec = tv.tv_sec;
             ut.ut_tv.tv_usec = tv.tv_usec;
 
+            /* Write records to utmp/wtmp databases */
             setutxent ();
             if (!pututxline (&ut))
                 g_printerr ("Failed to write utmpx: %s\n", strerror (errno));
             endutxent ();
+            updwtmpx ("/var/log/wtmp", &ut);
         }
     }
 

tests/Makefile.am

@@ -144,7 +144,9 @@ TESTS = \
 	test-vnc-open-file-descriptors \
 	test-xdmcp-client \
 	test-xdmcp-server-login \
-	test-utmp \
+	test-utmp-login \
+	test-utmp-autologin \
+	test-utmp-wrong-password \
 	test-no-accounts-service \
 	test-console-kit \
 	test-no-console-kit \
@@ -476,7 +478,9 @@ EXTRA_DIST = \
 	scripts/user-renamed.conf \
 	scripts/user-renamed-invalid.conf \
 	scripts/user-session.conf \
-	scripts/utmp.conf \
+	scripts/utmp-autologin.conf \
+	scripts/utmp-login.conf \
+	scripts/utmp-wrong-password.conf \
 	scripts/vnc-command.conf \
 	scripts/vnc-dimensions.conf \
 	scripts/vnc-login.conf \

tests/scripts/utmp.conf renamed to tests/scripts/utmp-autologin.conf

@@ -1,5 +1,5 @@
 #
-# Check UTMP records written on login
+# Check UTMP records written on autologin
 #
 
 [test-utmp-config]
@@ -20,8 +20,9 @@ user-session=default
 #?XSERVER-0 INDICATE-READY
 #?XSERVER-0 ACCEPT-CONNECT
 
-# UTMP record written
+# UTMP/WTMP record written
 #?UTMP TYPE=USER_PROCESS LINE=:0 ID=:0 USER=have-password1 HOST=:0
+#?WTMP FILE=.*/wtmp TYPE=USER_PROCESS LINE=:0 ID=:0 USER=have-password1 HOST=:0
 
 # Autologin session starts
 #?SESSION-X-0 START XDG_SEAT=seat0 XDG_VTNR=7 XDG_GREETER_DATA_DIR=.*/have-password1 DESKTOP_SESSION=default USER=have-password1
@@ -31,8 +32,9 @@ user-session=default
 # Logout session
 #?*SESSION-X-0 LOGOUT
 
-# UTMP record written
+# UTMP/WTMP record written
 #?UTMP TYPE=DEAD_PROCESS LINE=:0 ID=:0 USER=have-password1 HOST=:0
+#?WTMP FILE=.*/wtmp TYPE=DEAD_PROCESS LINE=:0 ID=:0 USER=have-password1 HOST=:0
 
 # X server stops
 #?XSERVER-0 TERMINATE SIGNAL=15

tests/scripts/utmp-login.conf

@@ -0,0 +1,75 @@
+#
+# Check UTMP records written on login
+#
+
+[test-utmp-config]
+check-events=true
+
+[SeatDefaults]
+user-session=default
+
+#?*START-DAEMON
+#?RUNNER DAEMON-START
+
+# X server starts
+#?XSERVER-0 START VT=7 SEAT=seat0
+
+# Daemon connects when X server is ready
+#?*XSERVER-0 INDICATE-READY
+#?XSERVER-0 INDICATE-READY
+#?XSERVER-0 ACCEPT-CONNECT
+
+# Greeter starts
+#?GREETER-X-0 START XDG_SEAT=seat0 XDG_VTNR=7 XDG_SESSION_CLASS=greeter
+#?XSERVER-0 ACCEPT-CONNECT
+#?GREETER-X-0 CONNECT-XSERVER
+#?GREETER-X-0 CONNECT-TO-DAEMON
+#?GREETER-X-0 CONNECTED-TO-DAEMON
+
+# Log into account with a password
+#?*GREETER-X-0 AUTHENTICATE USERNAME=have-password1
+#?GREETER-X-0 SHOW-PROMPT TEXT="Password:"
+#?*GREETER-X-0 RESPOND TEXT="password"
+#?GREETER-X-0 AUTHENTICATION-COMPLETE USERNAME=have-password1 AUTHENTICATED=TRUE
+#?*GREETER-X-0 START-SESSION
+#?GREETER-X-0 TERMINATE SIGNAL=15
+
+# UTMP/WTMP record written
+#?UTMP TYPE=USER_PROCESS LINE=:0 ID=:0 USER=have-password1 HOST=:0
+#?WTMP FILE=.*/wtmp TYPE=USER_PROCESS LINE=:0 ID=:0 USER=have-password1 HOST=:0
+
+# Session starts
+#?SESSION-X-0 START XDG_SEAT=seat0 XDG_VTNR=7 XDG_GREETER_DATA_DIR=.*/have-password1 DESKTOP_SESSION=default USER=have-password1
+#?XSERVER-0 ACCEPT-CONNECT
+#?SESSION-X-0 CONNECT-XSERVER
+
+# Logout session
+#?*SESSION-X-0 LOGOUT
+
+# UTMP/WTMP record written
+#?UTMP TYPE=DEAD_PROCESS LINE=:0 ID=:0 USER=have-password1 HOST=:0
+#?WTMP FILE=.*/wtmp TYPE=DEAD_PROCESS LINE=:0 ID=:0 USER=have-password1 HOST=:0
+
+# X server stops
+#?XSERVER-0 TERMINATE SIGNAL=15
+
+# X server starts
+#?XSERVER-0 START VT=7 SEAT=seat0
+
+# Daemon connects when X server is ready
+#?*XSERVER-0 INDICATE-READY
+#?XSERVER-0 INDICATE-READY
+#?XSERVER-0 ACCEPT-CONNECT
+
+# Greeter starts
+#?GREETER-X-0 START XDG_SEAT=seat0 XDG_VTNR=7 XDG_SESSION_CLASS=greeter
+#?XSERVER-0 ACCEPT-CONNECT
+#?GREETER-X-0 CONNECT-XSERVER
+#?GREETER-X-0 CONNECT-TO-DAEMON
+#?GREETER-X-0 CONNECTED-TO-DAEMON
+
+# Cleanup
+#?*STOP-DAEMON
+#?GREETER-X-0 TERMINATE SIGNAL=15
+#?XSERVER-0 TERMINATE SIGNAL=15
+#?RUNNER DAEMON-EXIT STATUS=0

tests/scripts/utmp-wrong-password.conf

@@ -0,0 +1,38 @@
+#
+# Check BTMP records written on failed login
+#
+
+[test-utmp-config]
+check-events=true
+
+#?*START-DAEMON
+#?RUNNER DAEMON-START
+
+# X server starts
+#?XSERVER-0 START VT=7 SEAT=seat0
+
+# Daemon connects when X server is ready
+#?*XSERVER-0 INDICATE-READY
+#?XSERVER-0 INDICATE-READY
+#?XSERVER-0 ACCEPT-CONNECT
+
+# Greeter starts
+#?GREETER-X-0 START XDG_SEAT=seat0 XDG_VTNR=7 XDG_SESSION_CLASS=greeter
+#?XSERVER-0 ACCEPT-CONNECT
+#?GREETER-X-0 CONNECT-XSERVER
+#?GREETER-X-0 CONNECT-TO-DAEMON
+#?GREETER-X-0 CONNECTED-TO-DAEMON
+
+# Login with invalid password
+#?*GREETER-X-0 AUTHENTICATE USERNAME=have-password1
+#?GREETER-X-0 SHOW-PROMPT TEXT="Password:"
+#?*GREETER-X-0 RESPOND TEXT="rubbish"
+#?WTMP FILE=.*/btmp TYPE=USER_PROCESS LINE=:0 ID=:0 USER=have-password1 HOST=:0    
+#?GREETER-X-0 AUTHENTICATION-COMPLETE USERNAME=have-password1 AUTHENTICATED=FALSE
+
+# Cleanup
+#?*STOP-DAEMON
+#?GREETER-X-0 TERMINATE SIGNAL=15
+#?XSERVER-0 TERMINATE SIGNAL=15
+#?RUNNER DAEMON-EXIT STATUS=0
+

tests/src/libsystem.c

@@ -15,6 +15,7 @@
 #include <security/pam_appl.h>
 #include <fcntl.h>
 #include <dlfcn.h>
+#include <utmp.h>
 #include <utmpx.h>
 #ifdef __linux__
 #include <linux/vt.h>
@@ -1442,43 +1443,44 @@ void
 setutxent (void)
 {
 }
-  
+
 struct utmpx *
 pututxline (const struct utmpx *ut)
 {
-    GString *status;
-
-    status = g_string_new ("UTMP");
-    switch (ut->ut_type)
-    {
-    case INIT_PROCESS:
-        g_string_append_printf (status, " TYPE=INIT_PROCESS");
-        break;
-    case LOGIN_PROCESS:
-        g_string_append_printf (status, " TYPE=LOGIN_PROCESS");
-        break;
-    case USER_PROCESS:
-        g_string_append_printf (status, " TYPE=USER_PROCESS");
-        break;
-    case DEAD_PROCESS:
-        g_string_append_printf (status, " TYPE=DEAD_PROCESS");
-        break;
-    default:
-        g_string_append_printf (status, " TYPE=%d", ut->ut_type);
-    }
-    if (ut->ut_line)
-        g_string_append_printf (status, " LINE=%s", ut->ut_line);
-    if (ut->ut_id)
-        g_string_append_printf (status, " ID=%s", ut->ut_id);
-    if (ut->ut_user)
-        g_string_append_printf (status, " USER=%s", ut->ut_user);
-    if (ut->ut_host)
-        g_string_append_printf (status, " HOST=%s", ut->ut_host);
-
     connect_status ();
     if (g_key_file_get_boolean (config, "test-utmp-config", "check-events", NULL))
+    {
+        GString *status;
+
+        status = g_string_new ("UTMP");
+        switch (ut->ut_type)
+        {
+        case INIT_PROCESS:
+            g_string_append_printf (status, " TYPE=INIT_PROCESS");
+            break;
+        case LOGIN_PROCESS:
+            g_string_append_printf (status, " TYPE=LOGIN_PROCESS");
+            break;
+        case USER_PROCESS:
+            g_string_append_printf (status, " TYPE=USER_PROCESS");
+            break;
+        case DEAD_PROCESS:
+            g_string_append_printf (status, " TYPE=DEAD_PROCESS");
+            break;
+        default:
+            g_string_append_printf (status, " TYPE=%d", ut->ut_type);
+        }
+        if (ut->ut_line)
+            g_string_append_printf (status, " LINE=%s", ut->ut_line);
+        if (ut->ut_id)
+            g_string_append_printf (status, " ID=%s", ut->ut_id);
+        if (ut->ut_user)
+            g_string_append_printf (status, " USER=%s", ut->ut_user);
+        if (ut->ut_host)
+            g_string_append_printf (status, " HOST=%s", ut->ut_host);
         status_notify ("%s", status->str);
-    g_string_free (status, TRUE);
+        g_string_free (status, TRUE);
+    }
 
     return (struct utmpx *)ut;
 }
@@ -1488,6 +1490,46 @@ endutxent (void)
 {
 }
 
+void
+updwtmp (const char *wtmp_file, const struct utmp *ut)
+{
+    connect_status ();
+    if (g_key_file_get_boolean (config, "test-utmp-config", "check-events", NULL))
+    {
+        GString *status;
+
+        status = g_string_new ("WTMP");
+        g_string_append_printf (status, " FILE=%s", wtmp_file);
+        switch (ut->ut_type)
+        {
+        case INIT_PROCESS:
+            g_string_append_printf (status, " TYPE=INIT_PROCESS");
+            break;
+        case LOGIN_PROCESS:
+            g_string_append_printf (status, " TYPE=LOGIN_PROCESS");
+            break;
+        case USER_PROCESS:
+            g_string_append_printf (status, " TYPE=USER_PROCESS");
+            break;
+        case DEAD_PROCESS:
+            g_string_append_printf (status, " TYPE=DEAD_PROCESS");
+            break;
+        default:
+            g_string_append_printf (status, " TYPE=%d", ut->ut_type);
+        }
+        if (ut->ut_line)
+            g_string_append_printf (status, " LINE=%s", ut->ut_line);
+        if (ut->ut_id)
+            g_string_append_printf (status, " ID=%s", ut->ut_id);
+        if (ut->ut_user)
+            g_string_append_printf (status, " USER=%s", ut->ut_user);
+        if (ut->ut_host)
+            g_string_append_printf (status, " HOST=%s", ut->ut_host);
+        status_notify ("%s", status->str);
+        g_string_free (status, TRUE);
+    }
+}
+
 struct xcb_connection_t
 {
     gchar *display;