[Bug 122] New: sshd does not update wtmpx at end of session

[bugzilla-daemon at mindrot.org]

http://bugzilla.mindrot.org/show_bug.cgi?id=122

           Summary: sshd does not update wtmpx at end of session
           Product: Portable OpenSSH
           Version: 3.0.2p1
          Platform: UltraSparc
        OS/Version: Solaris
            Status: NEW
          Severity: major
          Priority: P2
         Component: sshd
        AssignedTo: openssh-unix-dev at mindrot.org
        ReportedBy: jaearick at colby.edu
                CC: jaearick at colby.edu


I have discovered that sshd does not write a ut_type = 8 (DEAD_PROCESS)
record into /var/adm/wtmpx, but it does write such a record into /var/adm/utmpx.  The net effect of this is that it looks like ssh users
never log out when you run "last" or other codes that analyze wtmpx.

I wrote a small C program to read and write out every record in /var/adm/wtmpx.
Then I logged into and out of my test machine with telnet, rlogin, and ssh.
Then I ran my C program to look at the results.  Here they are:

user:line:pid:type:exit/term:host:time
joeblow:pts/3:8477:7:0/0:0:cayuga:Wed Feb 20 10:08:43 2002
joeblow:pts/3:8477:8:0/0:0:cayuga:Wed Feb 20 10:08:57 2002
joeblow:pts/3:8509:7:0/0:0:cayuga:Wed Feb 20 10:09:16 2002
joeblow:pts/3:8509:8:0/0:0:cayuga:Wed Feb 20 10:09:55 2002
joeblow:pts/3:8546:7:0/0:0:cayuga:Wed Feb 20 10:10:08 2002

The first two records are for telnet, the second two for rlogin, the last
for ssh.  No type=8 record for ssh.  I can send you the C code that reads
/var/adm/wtmpx if you need it.



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.