bug report: last login time vs PAM in portability release

mouring at etoh.eviladmin.org mouring at etoh.eviladmin.org
Sat Oct 13 07:58:09 EST 2001


It is a problem with Solaris.

Linux (Mandrake in this case) does not show this bug.

bash-2.05$ date; ssh localhost
Fri Oct 12 16:59:26 CDT 2001
Last login: Fri Oct 12 15:13:24 2001 from karla.eviladmin.org


But my solaris 2.7 does show it.

- Ben

On Fri, 12 Oct 2001, Kevin Steves wrote:

> on hp-ux 11 i see:
>
> $ date;ssh jenny
> Fri Oct 12 14:44:13 PDT 2001
> Last   successful login for stevesk: Fri Oct 12 10:45:42 PST8PDT 2001 on pts/2
> Last unsuccessful login for stevesk: Mon Sep 24 22:55:53 PST8PDT 2001
> Last login: Fri Oct 12 10:45:43 2001 from 172.31.1.53
> You have mail.
>
> so solaris PAM is different.  can other solaris+PAM users confirm this?
>
> On Fri, 12 Oct 2001, Benn Oshrin wrote:
> :There appears to be a problem with the reported last login time for
> :v2.9.9p2 (and possibly earlier versions).  This is for PAM enabled Solaris
> :hosts (Sol 7 and 8).
> :
> :Login to a host running stock 2.9.9p2:
> :
> : benno[~] starscream% date ; slogin hola
> : Fri Oct 12 13:10:50 EDT 2001
> : Last login: Fri Oct 12 13:10:52 2001 from starscream.cc.c
> : SunOS hola 5.7 Generic_106541-09 sun4u sparc SUNW,Ultra-60
> : You have new mail.
> : benno[~] hola%
> :
> :Note that the last login time reported is two seconds after the connection
> :is initiated.  It appears that this is because pam_open_session is called
> :before do_login.  pam_open_session updates the lastlog file.  When do_login
> :is called, it reads the already updated lastlog file and reports the time
> :of the session just started.  To fix this, I moved the pam_open_session
> :call into do_login:
> :
> :--- session.c   Fri Oct 12 13:05:58 2001
> :+++ .snapshot/nightly.3/session.c       Mon Oct  8 15:52:02 2001
> :@@ -541,6 +541,11 @@
> :        ptyfd = s->ptyfd;
> :        ttyfd = s->ttyfd;
> :
> :+#if defined(USE_PAM)
> :+       do_pam_session(s->pw->pw_name, s->tty);
> :+       do_pam_setcred(1);
> :+#endif
> :+
> :        /* Fork the child. */
> :        if ((pid = fork()) == 0) {
> :
> :@@ -698,11 +703,6 @@
> :                last_login_time = get_last_login_time(pw->pw_uid,
> :pw->pw_name,
> :                    hostname, sizeof(hostname));
> :        }
> :-
> :-#if defined(USE_PAM)
> :-       do_pam_session(s->pw->pw_name, s->tty);
> :-       do_pam_setcred(1);
> :-#endif
> :
> :        /* Record that there was a login on that tty from the remote host.
> :*/
> :        record_login(pid, s->tty, pw->pw_name, pw->pw_uid,
> :
> :And here's a session from to a host running the patched version:
> :
> : benno[~] starscream% date ; slogin saluton
> : Fri Oct 12 13:16:47 EDT 2001
> : Last login: Fri Oct 12 13:05:03 2001 from starscream.cc.c
> : SunOS saluton 5.7 Generic_106541-09 sun4u sparc SUNW,Ultra-60
> : You have new mail.
> : benno[~] saluton%
> :
> :I hope you find this useful.
> :
> :-Benn-
> :
>
>
>




More information about the openssh-unix-dev mailing list