1 - add audit message to login
3 diff -ur util-linux-2.13-pre4.orig/login-utils/login.c util-linux-2.13-pre4/login-utils/login.c
4 --- util-linux-2.13-pre4.orig/login-utils/login.c 2005-10-14 13:59:08.000000000 -0400
5 +++ util-linux-2.13-pre4/login-utils/login.c 2005-10-14 15:43:54.000000000 -0400
7 #include <sys/syslog.h>
8 #include <sys/sysmacros.h>
10 +#include <libaudit.h>
11 #include "pathnames.h"
15 #ifdef LOGIN_CHOWN_VCS
16 char vcsn[20], vcsan[20];
23 (retcode == PAM_USER_UNKNOWN) ||
24 (retcode == PAM_CRED_INSUFFICIENT) ||
25 (retcode == PAM_AUTHINFO_UNAVAIL))) {
28 pam_get_item(pamh, PAM_USER, (const void **) &username);
30 syslog(LOG_NOTICE,_("FAILED LOGIN %d FROM %s FOR %s, %s"),
31 failcount, hostname, username, pam_strerror(pamh, retcode));
32 logbtmp(tty_name, username, hostname);
33 + audit_fd = audit_open();
34 + pw = getpwnam(username);
36 + snprintf(buf, sizeof(buf), "uid=%d", pw->pw_uid);
37 + audit_log_user_message(audit_fd, AUDIT_USER_LOGIN,
38 + buf, hostname, NULL, tty_name, 0);
40 + snprintf(buf, sizeof(buf), "acct=%s", username);
41 + audit_log_user_message(audit_fd, AUDIT_USER_LOGIN,
42 + buf, hostname, NULL, tty_name, 0);
46 fprintf(stderr,_("Login incorrect\n\n"));
47 pam_set_item(pamh,PAM_USER,NULL);
51 if (retcode != PAM_SUCCESS) {
54 pam_get_item(pamh, PAM_USER, (const void **) &username);
56 if (retcode == PAM_MAXTRIES)
58 syslog(LOG_NOTICE,_("FAILED LOGIN SESSION FROM %s FOR %s, %s"),
59 hostname, username, pam_strerror(pamh, retcode));
60 logbtmp(tty_name, username, hostname);
61 + audit_fd = audit_open();
62 + pw = getpwnam(username);
64 + snprintf(buf, sizeof(buf), "uid=%d", pw->pw_uid);
65 + audit_log_user_message(audit_fd, AUDIT_USER_LOGIN,
66 + buf, hostname, NULL, tty_name, 0);
68 + snprintf(buf, sizeof(buf), "acct=%s", username);
69 + audit_log_user_message(audit_fd, AUDIT_USER_LOGIN,
70 + buf, hostname, NULL, tty_name, 0);
74 fprintf(stderr,_("\nLogin incorrect\n"));
75 pam_end(pamh, retcode);
83 + audit_fd = audit_open();
84 + snprintf(buf, sizeof(buf), "uid=%d", pwd->pw_uid);
85 + audit_log_user_message(audit_fd, AUDIT_USER_LOGIN,
86 + buf, hostname, NULL, tty_name, 1);
92 diff -ur util-linux-2.13-pre4.orig/login-utils/Makefile.am util-linux-2.13-pre4/login-utils/Makefile.am
93 --- util-linux-2.13-pre4.orig/login-utils/Makefile.am 2005-10-14 13:59:08.000000000 -0400
94 +++ util-linux-2.13-pre4/login-utils/Makefile.am 2005-10-14 15:45:22.000000000 -0400
97 chfn_LDADD += -lpam -lpam_misc
98 chsh_LDADD += -lpam -lpam_misc
99 -login_LDADD += -lpam -lpam_misc
100 +login_LDADD += -lpam -lpam_misc -laudit
101 login_SOURCES = login.c
103 login_SOURCES = login.c checktty.c