openssh 3.8.1p1 problem on SCO 5.0.7
Roger Cornelius
rac at tenzing.org
Fri Jul 9 02:31:40 EST 2004
On SCO 5.0.7 and openssh 3.8.1p1, two entries are written to /etc/wtmp
and /etc/wtmpx each time a user logs in via ssh. This can be
demonstrated using the last(C) command. Any user connected via ssh will
have two identical login and logout entries.
On SCO, login_write() in loginrec.c calls both wtmp_write_entry() and
wtmpx_write_entry() (USE_WTMP and USE_WTMPX are defined).
wtmp_write_entry() writes the first entry to /etc/wtmp.
wtmpx_write_entry() ultimately calls updwtmpx() (HAVE_UPDWTMPX is
defined) to write the /etc/wtmpx entry. But updwtmpx() writes entries
to both the wtmp and wtmpx files on SCO, so now we have two entries in
/etc/wtmp and one in /etc/wtmpx. I'm guessing updwtmpx() then
synchronizes wtmpx with wtmp, since a second entry ends up in wtmpx as
well. I think this behaviour of updwtmpx() is also true of other OSs.
Here's the relevant section of the getutx(S) man page:
updwtmpx(S) checks the existence of wfilex and its parallel file
wfile, whose name is obtained by removing the final ``x'' from
wfilex. If only one of them exists, the other is created and
initialized to reflect the state of the existing file. utmpx is
written to wfilex, and the corresponding utmp structure is
written to the parallel file. If neither file exists nothing
happens.
My quick fix is to not define HAVE_UPDWTMPX, which causes alternate code
in wtmpx_write() to be used.
--
Roger Cornelius rac at tenzing.org
More information about the openssh-unix-dev
mailing list