- uniformized configs to use system-auth where possible

[packages/util-linux.git] / util-linux-audit-login.patch

- add audit message to login

diff -ur util-linux-2.13-pre4.orig/login-utils/login.c util-linux-2.13-pre4/login-utils/login.c
--- util-linux-2.13-pre4.orig/login-utils/login.c       2005-10-14 13:59:08.000000000 -0400
+++ util-linux-2.13-pre4/login-utils/login.c    2005-10-14 15:43:54.000000000 -0400
@@ -106,6 +106,7 @@
 #include <sys/syslog.h>
 #include <sys/sysmacros.h>
 #include <netdb.h>
+#include <libaudit.h>
 #include "pathnames.h"
 #include "my_crypt.h"
 #include "login.h"
@@ -329,6 +330,7 @@
 #ifdef LOGIN_CHOWN_VCS
     char vcsn[20], vcsan[20];
 #endif
+    int audit_fd;
 
     pid = getpid();
 
@@ -545,11 +547,25 @@
               (retcode == PAM_USER_UNKNOWN) ||
               (retcode == PAM_CRED_INSUFFICIENT) ||
               (retcode == PAM_AUTHINFO_UNAVAIL))) {
+           struct passwd *pw;
+           char buf[64];
            pam_get_item(pamh, PAM_USER, (const void **) &username);
 
            syslog(LOG_NOTICE,_("FAILED LOGIN %d FROM %s FOR %s, %s"),
                   failcount, hostname, username, pam_strerror(pamh, retcode));
            logbtmp(tty_name, username, hostname);
+           audit_fd = audit_open();
+           pw = getpwnam(username);
+           if (pw) {
+               snprintf(buf, sizeof(buf), "uid=%d", pw->pw_uid);
+               audit_log_user_message(audit_fd, AUDIT_USER_LOGIN, 
+                       buf, hostname, NULL, tty_name, 0);
+           } else {
+               snprintf(buf, sizeof(buf), "acct=%s", username);
+               audit_log_user_message(audit_fd, AUDIT_USER_LOGIN, 
+                       buf, hostname, NULL, tty_name, 0);
+           }
+           close(audit_fd);
 
            fprintf(stderr,_("Login incorrect\n\n"));
            pam_set_item(pamh,PAM_USER,NULL);
@@ -557,6 +573,8 @@
        }
 
        if (retcode != PAM_SUCCESS) {
+           struct passwd *pw;
+           char buf[64];
            pam_get_item(pamh, PAM_USER, (const void **) &username);
 
            if (retcode == PAM_MAXTRIES)
@@ -567,6 +585,18 @@
                syslog(LOG_NOTICE,_("FAILED LOGIN SESSION FROM %s FOR %s, %s"),
                        hostname, username, pam_strerror(pamh, retcode));
            logbtmp(tty_name, username, hostname);
+           audit_fd = audit_open();
+           pw = getpwnam(username);
+           if (pw) {
+               snprintf(buf, sizeof(buf), "uid=%d", pw->pw_uid);
+               audit_log_user_message(audit_fd, AUDIT_USER_LOGIN, 
+                       buf, hostname, NULL, tty_name, 0);
+           } else {
+               snprintf(buf, sizeof(buf), "acct=%s", username);
+               audit_log_user_message(audit_fd, AUDIT_USER_LOGIN, 
+                       buf, hostname, NULL, tty_name, 0);
+           }
+           close(audit_fd);
 
            fprintf(stderr,_("\nLogin incorrect\n"));
            pam_end(pamh, retcode);
@@ -908,6 +938,15 @@
 #endif
 #endif
     }
+
+    {
+       char buf[32];
+       audit_fd = audit_open();
+       snprintf(buf, sizeof(buf), "uid=%d", pwd->pw_uid);
+       audit_log_user_message(audit_fd, AUDIT_USER_LOGIN, 
+               buf, hostname, NULL, tty_name, 1);
+       close(audit_fd);
+    }
     
     dolastlog(quietlog);
     
diff -ur util-linux-2.13-pre4.orig/login-utils/Makefile.am util-linux-2.13-pre4/login-utils/Makefile.am
--- util-linux-2.13-pre4.orig/login-utils/Makefile.am   2005-10-14 13:59:08.000000000 -0400
+++ util-linux-2.13-pre4/login-utils/Makefile.am        2005-10-14 15:45:22.000000000 -0400
@@ -55,7 +55,7 @@
 if HAVE_PAM
 chfn_LDADD += -lpam -lpam_misc
 chsh_LDADD += -lpam -lpam_misc
-login_LDADD += -lpam -lpam_misc
+login_LDADD += -lpam -lpam_misc -laudit
 login_SOURCES = login.c
 else
 login_SOURCES = login.c checktty.c