Commit | Line | Data |
---|---|---|
5545a732 JR |
1 | - add audit message to login |
2 | ||
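--- util-linux-2.13-pre4.orig/login-utils/login.c 2005-10-14 13:59:08.000000000 -0400
+++ util-linux-2.13-pre4/login-utils/login.c 2005-10-14 15:43:54.000000000 -0400
@@ -106,6 +106,7 @@
 #include <sys/syslog.h>
 #include <sys/sysmacros.h>
 #include <netdb.h>
+#include <libaudit.h>
 #include "pathnames.h"
 #include "my_crypt.h"
 #include "login.h"
@@ -329,6 +330,7 @@
 #ifdef LOGIN_CHOWN_VCS
 char vcsn[20], vcsan[20];
 #endif
+ int audit_fd;
 
 pid = getpid();
 
@@ -545,11 +547,25 @@
 (retcode == PAM_USER_UNKNOWN) ||
 (retcode == PAM_CRED_INSUFFICIENT) ||
 (retcode == PAM_AUTHINFO_UNAVAIL))) {
+ struct passwd *pw;
+ char buf[64];
 pam_get_item(pamh, PAM_USER, (const void **) &username);
 
 syslog(LOG_NOTICE,_("FAILED LOGIN %d FROM %s FOR %s, %s"),
 failcount, hostname, username, pam_strerror(pamh, retcode));
 logbtmp(tty_name, username, hostname);
+ audit_fd = audit_open();
+ pw = getpwnam(username);
+ if (pw) {
+ snprintf(buf, sizeof(buf), "uid=%d", pw->pw_uid);
+ audit_log_user_message(audit_fd, AUDIT_USER_LOGIN,
+ buf, hostname, NULL, tty_name, 0);
+ } else {
+ snprintf(buf, sizeof(buf), "acct=%s", username);
+ audit_log_user_message(audit_fd, AUDIT_USER_LOGIN,
+ buf, hostname, NULL, tty_name, 0);
+ }
+ close(audit_fd);
 
 fprintf(stderr,_("Login incorrect\n\n"));
 pam_set_item(pamh,PAM_USER,NULL);
@@ -557,6 +573,8 @@
 }
 
 if (retcode != PAM_SUCCESS) {
+ struct passwd *pw;
+ char buf[64];
 pam_get_item(pamh, PAM_USER, (const void **) &username);
 
 if (retcode == PAM_MAXTRIES)
@@ -567,6 +585,18 @@
 syslog(LOG_NOTICE,_("FAILED LOGIN SESSION FROM %s FOR %s, %s"),
 hostname, username, pam_strerror(pamh, retcode));
 logbtmp(tty_name, username, hostname);
+ audit_fd = audit_open();
+ pw = getpwnam(username);
+ if (pw) {
+ snprintf(buf, sizeof(buf), "uid=%d", pw->pw_uid);
+ audit_log_user_message(audit_fd, AUDIT_USER_LOGIN,
+ buf, hostname, NULL, tty_name, 0);
+ } else {
+ snprintf(buf, sizeof(buf), "acct=%s", username);
+ audit_log_user_message(audit_fd, AUDIT_USER_LOGIN,
+ buf, hostname, NULL, tty_name, 0);
+ }
+ close(audit_fd);
 
 fprintf(stderr,_("\nLogin incorrect\n"));
 pam_end(pamh, retcode);
@@ -908,6 +938,15 @@
 #endif
 #endif
 }
+
+ {
+ char buf[32];
+ audit_fd = audit_open();
+ snprintf(buf, sizeof(buf), "uid=%d", pwd->pw_uid);
+ audit_log_user_message(audit_fd, AUDIT_USER_LOGIN,
+ buf, hostname, NULL, tty_name, 1);
+ close(audit_fd);
+ }
 
 dolastlog(quietlog);
 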
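Review bot: On both failure paths (the hunks at -545 and -567) the name typed at the login prompt is written into the audit record as `acct=%s` with no encoding, so a name containing spaces or `key=value` text can add or mask fields for whatever parses the audit log, and `buf[64]` truncates it silently. `audit_open()` is unchecked at all three call sites, so a negative descriptor is handed to `audit_log_user_message()` and `close()`, and `username` is presumably NULL-able after `pam_get_item()`, which `getpwnam()` and `%s` do not accept. `pw->pw_uid` is a `uid_t` but is formatted with `%d`. Folding the three copies into one helper that checks the descriptor and lets libaudit encode the account name (`audit_log_acct_message()`, if the libaudit in use provides it) would cover all of these; the enclosing function starts and ends outside these hunks.

```c
/* one helper for the three call sites; status is 0 for a failed login, 1 for success */
static void
log_audit(const struct passwd *pw, const char *username,
	  const char *hostname, const char *tty_name, int status)
{
	int audit_fd = audit_open();

	if (audit_fd < 0)
		return;		/* nothing to write to; do not call close(-1) */

	/* libaudit encodes the account name itself, so no hand-built "acct=%s" */
	audit_log_acct_message(audit_fd, AUDIT_USER_LOGIN, NULL, "login",
			       username ? username : "(unknown)",
			       pw ? pw->pw_uid : (unsigned int) -1,
			       hostname, NULL, tty_name, status);
	close(audit_fd);
}

/* ... unchanged: syslog() and logbtmp() calls on the failure path ... */
	pw = username ? getpwnam(username) : NULL;
	log_audit(pw, username, hostname, tty_name, 0);
```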
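--- util-linux-2.13-pre4.orig/login-utils/Makefile.am 2005-10-14 13:59:08.000000000 -0400
+++ util-linux-2.13-pre4/login-utils/Makefile.am 2005-10-14 15:45:22.000000000 -0400
@@ -55,7 +55,7 @@
 if HAVE_PAM
 chfn_LDADD += -lpam -lpam_misc
 chsh_LDADD += -lpam -lpam_misc
-login_LDADD += -lpam -lpam_misc
+login_LDADD += -lpam -lpam_misc -laudit
 login_SOURCES = login.c
 else
 login_SOURCES = login.c checktty.c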
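Review bot: `-laudit` is added under `HAVE_PAM` with no check that libaudit is installed, and the `#include <libaudit.h>` in login.c appears unconditional in the hunk shown, so a PAM build on a system without the audit library would stop building. A separate automake conditional set by a configure check for libaudit, with the audit calls in login.c guarded by the matching preprocessor symbol, would keep audit support optional and make its absence visible at configure time.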