diff options
| author | Karel Zak | 2007-03-12 14:26:34 +0100 |
|---|---|---|
| committer | Karel Zak | 2007-03-12 14:26:34 +0100 |
| commit | f8bdba2fd24a176d8d0ef8c96fb184fa3cd0f7bf (patch) | |
| tree | 2b53b795bd192cc951f18b637e9f19f412961c3a /login-utils/login.c | |
| parent | build-sys: add support for audit (diff) | |
| download | kernel-qcow2-util-linux-f8bdba2fd24a176d8d0ef8c96fb184fa3cd0f7bf.tar.gz kernel-qcow2-util-linux-f8bdba2fd24a176d8d0ef8c96fb184fa3cd0f7bf.tar.xz kernel-qcow2-util-linux-f8bdba2fd24a176d8d0ef8c96fb184fa3cd0f7bf.zip | |
login: add audit support
The login command reports AUDIT_USER_LOGIN message to audit system
(depends on --with-audit).
Signed-off-by: Karel Zak <kzak@redhat.com>
Diffstat (limited to 'login-utils/login.c')
| -rw-r--r-- | login-utils/login.c | 34 |
1 files changed, 34 insertions, 0 deletions
diff --git a/login-utils/login.c b/login-utils/login.c index e3b4f6fd0..e5f6262f8 100644 --- a/login-utils/login.c +++ b/login-utils/login.c @@ -106,6 +106,9 @@ #include <sys/syslog.h> #include <sys/sysmacros.h> #include <netdb.h> +#ifdef HAVE_LIBAUDIT +# include <libaudit.h> +#endif #include "pathnames.h" #include "my_crypt.h" #include "login.h" @@ -316,6 +319,33 @@ sig_handler(int signal) #endif /* HAVE_SECURITY_PAM_MISC_H */ +#ifdef HAVE_LIBAUDIT +static void +logaudit(const char *tty, const char *username, const char *hostname, + struct passwd *pwd, int status) +{ + char buf[64]; + int audit_fd; + + audit_fd = audit_open(); + if (audit_fd == -1) + return; + if (!pwd) + pwd = getpwnam(username); + if (pwd) + snprintf(buf, sizeof(buf), "uid=%d", pwd->pw_uid); + else + snprintf(buf, sizeof(buf), "acct=%s", username); + + audit_log_user_message(audit_fd, AUDIT_USER_LOGIN, + buf, hostname, NULL, tty, status); + + close(audit_fd); +} +#else /* ! HAVE_LIBAUDIT */ +# define logaudit(tty, username, hostname, pwd, status) +#endif /* HAVE_LIBAUDIT */ + int main(int argc, char **argv) { @@ -580,6 +610,7 @@ main(int argc, char **argv) syslog(LOG_NOTICE,_("FAILED LOGIN %d FROM %s FOR %s, %s"), failcount, hostname, username, pam_strerror(pamh, retcode)); logbtmp(tty_name, username, hostname); + logaudit(tty_name, username, hostname, NULL, 0); fprintf(stderr,_("Login incorrect\n\n")); pam_set_item(pamh,PAM_USER,NULL); @@ -597,6 +628,7 @@ main(int argc, char **argv) syslog(LOG_NOTICE,_("FAILED LOGIN SESSION FROM %s FOR %s, %s"), hostname, username, pam_strerror(pamh, retcode)); logbtmp(tty_name, username, hostname); + logaudit(tty_name, username, hostname, NULL, 0); fprintf(stderr,_("\nLogin incorrect\n")); pam_end(pamh, retcode); @@ -751,6 +783,7 @@ main(int argc, char **argv) syslog(LOG_NOTICE, _("LOGIN %s REFUSED ON TTY %s"), pwd->pw_name, tty_name); + logaudit(tty_name, pwd->pw_name, hostname, pwd, 0); continue; } @@ -948,6 +981,7 @@ Michael Riepe <michael@stud.uni-hannover.de> #endif } + logaudit(tty_name, username, hostname, pwd, 1); dolastlog(quietlog); chown(ttyn, pwd->pw_uid, |