bug report: last login time vs PAM in portability release

Kevin Steves stevesk at pobox.com
Sat Oct 13 07:51:14 EST 2001 

on hp-ux 11 i see:

$ date;ssh jenny
Fri Oct 12 14:44:13 PDT 2001
Last   successful login for stevesk: Fri Oct 12 10:45:42 PST8PDT 2001 on pts/2
Last unsuccessful login for stevesk: Mon Sep 24 22:55:53 PST8PDT 2001
Last login: Fri Oct 12 10:45:43 2001 from 172.31.1.53
You have mail.

so solaris PAM is different.  can other solaris+PAM users confirm this?

On Fri, 12 Oct 2001, Benn Oshrin wrote:
:There appears to be a problem with the reported last login time for
:v2.9.9p2 (and possibly earlier versions).  This is for PAM enabled Solaris
:hosts (Sol 7 and 8).
:
:Login to a host running stock 2.9.9p2:
:
: benno[~] starscream% date ; slogin hola
: Fri Oct 12 13:10:50 EDT 2001
: Last login: Fri Oct 12 13:10:52 2001 from starscream.cc.c
: SunOS hola 5.7 Generic_106541-09 sun4u sparc SUNW,Ultra-60
: You have new mail.
: benno[~] hola%
:
:Note that the last login time reported is two seconds after the connection
:is initiated.  It appears that this is because pam_open_session is called
:before do_login.  pam_open_session updates the lastlog file.  When do_login
:is called, it reads the already updated lastlog file and reports the time
:of the session just started.  To fix this, I moved the pam_open_session
:call into do_login:
:
:--- session.c   Fri Oct 12 13:05:58 2001
:+++ .snapshot/nightly.3/session.c       Mon Oct  8 15:52:02 2001
:@@ -541,6 +541,11 @@
:        ptyfd = s->ptyfd;
:        ttyfd = s->ttyfd;
:
:+#if defined(USE_PAM)
:+       do_pam_session(s->pw->pw_name, s->tty);
:+       do_pam_setcred(1);
:+#endif
:+
:        /* Fork the child. */
:        if ((pid = fork()) == 0) {
:
:@@ -698,11 +703,6 @@
:                last_login_time = get_last_login_time(pw->pw_uid,
:pw->pw_name,
:                    hostname, sizeof(hostname));
:        }
:-
:-#if defined(USE_PAM)
:-       do_pam_session(s->pw->pw_name, s->tty);
:-       do_pam_setcred(1);
:-#endif
:
:        /* Record that there was a login on that tty from the remote host.
:*/
:        record_login(pid, s->tty, pw->pw_name, pw->pw_uid,
:
:And here's a session from to a host running the patched version:
:
: benno[~] starscream% date ; slogin saluton
: Fri Oct 12 13:16:47 EDT 2001
: Last login: Fri Oct 12 13:05:03 2001 from starscream.cc.c
: SunOS saluton 5.7 Generic_106541-09 sun4u sparc SUNW,Ultra-60
: You have new mail.
: benno[~] saluton%
:
:I hope you find this useful.
:
:-Benn-
:

More information about the openssh-unix-dev mailing list