[PATCH] support for wtmpdb (Y2038 safe wtmp replacement)

Thorsten Kukuk kukuk at suse.de
Tue Apr 25 23:10:43 AEST 2023


Hi,

On Linux, glibc is using a 32bit time_t for wtmp and similar structs
even on a 64bit system:
https://www.thkukuk.de/blog/Y2038_glibc_utmp_64bit/
https://www.thkukuk.de/blog/Y2038_glibc_wtmp_64bit/


Since the glibc developers stated that they don't plan to solve the problem
in glibc, but think that this interfaces are legacy and should be
removed from glibc (like musl libc, which does not have them), I implemented
with wtmpdb a Y2038 safe alternative to wtmp.

https://github.com/thkukuk/wtmpdb

Like pam_systemd it in most cases all data with a PAM module
"pam_wtmpdb", but sshd is a little bit special here: when it does the
authentication, the TTY isn't yet known.
For this reason, we cannot use the PAM module with sshd, but need
support via the wtmpdb library.

Attached is a patch which adds wtmpdb support in the same way as for
wtmp and utmp.

Comments?

  Thorsten

-- 
Thorsten Kukuk, Distinguished Engineer, Senior Architect, Future Technologies
SUSE Software Solutions Germany GmbH, Frankenstraße 146, 90461 Nuernberg, Germany
Managing Director: Ivo Totev, Andrew Myers, Andrew McDonald, Martje Boudien Moerman
(HRB 36809, AG Nürnberg)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: wtmpdb.patch
Type: text/x-patch
Size: 5059 bytes
Desc: not available
URL: <http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20230425/7f7d1e6e/attachment.bin>


More information about the openssh-unix-dev mailing list