rpms/util-linux/devel util-linux-2.13-audit-login.patch, NONE, 1.1 util-linux.spec, 1.89, 1.90

fedora-cvs-commits at redhat.com fedora-cvs-commits at redhat.com
Mon Oct 17 14:10:03 UTC 2005


Author: kzak

Update of /cvs/dist/rpms/util-linux/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv7561

Modified Files:
	util-linux.spec 
Added Files:
	util-linux-2.13-audit-login.patch 
Log Message:
-login audit stuff

util-linux-2.13-audit-login.patch:
 Makefile.am |    2 +-
 login.c     |   39 +++++++++++++++++++++++++++++++++++++++
 2 files changed, 40 insertions(+), 1 deletion(-)

--- NEW FILE util-linux-2.13-audit-login.patch ---
diff -ur util-linux-2.13-pre4.orig/login-utils/login.c util-linux-2.13-pre4/login-utils/login.c
--- util-linux-2.13-pre4.orig/login-utils/login.c	2005-10-14 13:59:08.000000000 -0400
+++ util-linux-2.13-pre4/login-utils/login.c	2005-10-14 15:43:54.000000000 -0400
@@ -106,6 +106,7 @@
 #include <sys/syslog.h>
 #include <sys/sysmacros.h>
 #include <netdb.h>
+#include <libaudit.h>
 #include "pathnames.h"
 #include "my_crypt.h"
 #include "login.h"
@@ -329,6 +330,7 @@
 #ifdef LOGIN_CHOWN_VCS
     char vcsn[20], vcsan[20];
 #endif
+    int audit_fd;
 
     pid = getpid();
 
@@ -545,11 +547,25 @@
 	       (retcode == PAM_USER_UNKNOWN) ||
 	       (retcode == PAM_CRED_INSUFFICIENT) ||
 	       (retcode == PAM_AUTHINFO_UNAVAIL))) {
+	    struct passwd *pw;
+	    char buf[64];
 	    pam_get_item(pamh, PAM_USER, (const void **) &username);
 
 	    syslog(LOG_NOTICE,_("FAILED LOGIN %d FROM %s FOR %s, %s"),
 		   failcount, hostname, username, pam_strerror(pamh, retcode));
 	    logbtmp(tty_name, username, hostname);
+	    audit_fd = audit_open();
+	    pw = getpwnam(username);
+	    if (pw) {
+		snprintf(buf, sizeof(buf), "uid=%d", pw->pw_uid);
+		audit_log_user_message(audit_fd, AUDIT_USER_LOGIN, 
+			buf, hostname, NULL, tty_name, 0);
+	    } else {
+		snprintf(buf, sizeof(buf), "acct=%s", username);
+		audit_log_user_message(audit_fd, AUDIT_USER_LOGIN, 
+			buf, hostname, NULL, tty_name, 0);
+	    }
+	    close(audit_fd);
 
 	    fprintf(stderr,_("Login incorrect\n\n"));
 	    pam_set_item(pamh,PAM_USER,NULL);
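Review bot: `username` can still be NULL after `pam_get_item()` on this failure path (the PAM conversation is outside the hunk, so this is an assumption), yet the added `getpwnam(username)` and `"acct=%s"` lines use it without a check. Guard both uses, e.g. `pw = username ? getpwnam(username) : NULL;` and `snprintf(buf, sizeof(buf), "acct=%s", username ? username : "(unknown)");`. In the `acct=` branch the name is whatever was typed at the login prompt and is copied into the audit record verbatim, so spaces, quotes or `=` in it make the record ambiguous for anything that parses `name=value` pairs. Encode or quote the value before logging it, and note that `buf[64]` truncates it silently. The identical block added in the `@@ -567,6 +585,18 @@` hunk has the same two problems; the enclosing function starts and ends outside both hunks.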
@@ -557,6 +573,8 @@
 	}
 
 	if (retcode != PAM_SUCCESS) {
+	    struct passwd *pw;
+	    char buf[64];
 	    pam_get_item(pamh, PAM_USER, (const void **) &username);
 
 	    if (retcode == PAM_MAXTRIES)
@@ -567,6 +585,18 @@
 		syslog(LOG_NOTICE,_("FAILED LOGIN SESSION FROM %s FOR %s, %s"),
 			hostname, username, pam_strerror(pamh, retcode));
 	    logbtmp(tty_name, username, hostname);
+	    audit_fd = audit_open();
+	    pw = getpwnam(username);
+	    if (pw) {
+		snprintf(buf, sizeof(buf), "uid=%d", pw->pw_uid);
+		audit_log_user_message(audit_fd, AUDIT_USER_LOGIN, 
+			buf, hostname, NULL, tty_name, 0);
+	    } else {
+		snprintf(buf, sizeof(buf), "acct=%s", username);
+		audit_log_user_message(audit_fd, AUDIT_USER_LOGIN, 
+			buf, hostname, NULL, tty_name, 0);
+	    }
+	    close(audit_fd);
 
 	    fprintf(stderr,_("\nLogin incorrect\n"));
 	    pam_end(pamh, retcode);
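Review bot: The result of `audit_open()` is used without a check: on failure it returns a negative value, and the code then calls `audit_log_user_message()` and `close()` on that invalid descriptor, so a failed login can go unaudited with no trace of why. The return value of `audit_log_user_message()` is dropped as well. The same pattern is in the `@@ -545,11 +547,25 @@` and `@@ -908,6 +938,15 @@` hunks, and this block is a verbatim copy of the earlier one, so one static helper called from all three places would keep the checks in a single spot, as sketched below. Whether an audit failure should only be logged or should abort the login is a policy decision the patch leaves open. The enclosing function begins and ends outside the hunk.

```c
/* Emit one AUDIT_USER_LOGIN record; result is 1 for success, 0 for failure. */
static void
log_audit_login(const char *username, const struct passwd *pw,
		const char *hostname, const char *tty, int result)
{
    char buf[64];
    int fd = audit_open();

    if (fd < 0) {
	syslog(LOG_WARNING, "audit_open() failed: %m");
	return;
    }
    if (pw)
	snprintf(buf, sizeof(buf), "uid=%u", (unsigned int) pw->pw_uid);
    else
	snprintf(buf, sizeof(buf), "acct=%s", username ? username : "(unknown)");
    if (audit_log_user_message(fd, AUDIT_USER_LOGIN, buf,
			       hostname, NULL, tty, result) <= 0)
	syslog(LOG_WARNING, "audit_log_user_message() failed");
    close(fd);
}

	    /* … unchanged: syslog() and logbtmp() calls … */
	    log_audit_login(username, username ? getpwnam(username) : NULL,
			    hostname, tty_name, 0);
```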
@@ -908,6 +938,15 @@
 #endif
 #endif
     }
+
+    {
+	char buf[32];
+	audit_fd = audit_open();
+	snprintf(buf, sizeof(buf), "uid=%d", pwd->pw_uid);
+	audit_log_user_message(audit_fd, AUDIT_USER_LOGIN, 
+		buf, hostname, NULL, tty_name, 1);
+	close(audit_fd);
+    }
     
     dolastlog(quietlog);
     
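Review bot: `pwd->pw_uid` is a `uid_t`, which is unsigned on Linux, but it is formatted with `%d` here and, as `pw->pw_uid`, in the two failure-path hunks. A UID above INT_MAX would be written to the audit record as a negative number, and the specifier/argument mismatch is formally undefined; use `snprintf(buf, sizeof(buf), "uid=%u", (unsigned int) pwd->pw_uid);`. The bare `1` passed as the last argument is the only thing that distinguishes this success record from the failure records, so a short comment such as `/* result: 1 = success */` would help the next reader. The enclosing function starts and ends outside the hunk.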
diff -ur util-linux-2.13-pre4.orig/login-utils/Makefile.am util-linux-2.13-pre4/login-utils/Makefile.am
--- util-linux-2.13-pre4.orig/login-utils/Makefile.am	2005-10-14 13:59:08.000000000 -0400
+++ util-linux-2.13-pre4/login-utils/Makefile.am	2005-10-14 15:45:22.000000000 -0400
@@ -55,7 +55,7 @@
 if HAVE_PAM
 chfn_LDADD += -lpam -lpam_misc
 chsh_LDADD += -lpam -lpam_misc
-login_LDADD += -lpam -lpam_misc
+login_LDADD += -lpam -lpam_misc -laudit
 login_SOURCES = login.c
 else
 login_SOURCES = login.c checktty.c
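Review bot: `-laudit` is added only inside the `if HAVE_PAM` branch, while the `#include <libaudit.h>` added to login.c is unconditional. The success-path block in the `@@ -908,6 +938,15 @@` hunk follows two `#endif` lines, so it may lie outside the PAM-only code (the conditionals are not visible in the patch). If it does, a build without PAM would reference the audit functions and fail to link `login`. Either add `login_LDADD += -laudit` outside the conditional or put the audit code in login.c behind a guard that configure sets; as written the library is hard-coded rather than detected.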


Index: util-linux.spec
===================================================================
RCS file: /cvs/dist/rpms/util-linux/devel/util-linux.spec,v
retrieving revision 1.89
retrieving revision 1.90
diff -u -r1.89 -r1.90
--- util-linux.spec	7 Oct 2005 19:34:46 -0000	1.89
+++ util-linux.spec	17 Oct 2005 14:09:59 -0000	1.90
@@ -27,7 +27,7 @@
 Summary: A collection of basic system utilities.
 Name: util-linux
 Version: 2.13
-Release: 0.4.pre4
+Release: 0.5.pre4
 License: distributable
 Group: System Environment/Base
 
@@ -42,7 +42,7 @@
 BuildRequires: gettext
 BuildRequires: libselinux-devel
 BuildRequires: e2fsprogs-devel >= 1.36
-BuildRequires: audit-libs-devel
+BuildRequires: audit-libs-devel >= 1.0.6
 
 ### Sources
 # TODO [stable]: s/2.13-pre4/%{version}/
@@ -63,6 +63,7 @@
 Conflicts: initscripts <= 4.58, timeconfig <= 3.0.1
 %endif
 Requires: pam >= 0.66-4, /etc/pam.d/system-auth
+Requires: audit-libs >= 1.0.6
 Conflicts: kernel < 2.2.12-7, 
 Prereq: /sbin/install-info
 Provides: mount = %{version}
@@ -154,8 +155,10 @@
 # 168436 - login will attempt to run if it has no read/write access to its terminal
 # 168434 - login's timeout can fail - needs to call siginterrupt(SIGALRM,1)
 Patch213: util-linux-2.13-login-hang.patch
-# 165253 – losetup missing option -a [new feature]
+# 165253 - losetup missing option -a [new feature]
 Patch214: util-linux-2.13-losetup-all.patch
+# 170564 - add audit message to login
+Patch215: util-linux-2.13-audit-login.patch
 
 # When adding patches, please make sure that it is easy to find out what bug # the 
 # patch fixes.
@@ -225,6 +228,7 @@
 %patch212 -p1
 %patch213 -p1
 %patch214 -p1
+%patch215 -p1
 
 %build
 unset LINGUAS || :
@@ -619,11 +623,14 @@
 /sbin/losetup
 
 %changelog
+* Mon Oct 17 2005 Karel Zak <kzak at redhat.com> 2.13-0.5.pre4
+* fix #170564 - add audit message to login
+
 * Fri Oct  7 2005 Karel Zak <kzak at redhat.com> 2.13-0.4.pre4
 - fix #169628 - /usr/bin/floppy doesn't work with /dev/fd0
 - fix #168436 - login will attempt to run if it has no read/write access to its terminal
 - fix #168434 - login's timeout can fail - needs to call siginterrupt(SIGALRM,1)
-- fix #165253 – losetup missing option -a [new feature]
+- fix #165253 - losetup missing option -a [new feature]
 - update PAM files (replace pam_stack with new "include" PAM directive)
 - remove kbdrate from src.rpm
 - update to 2.13pre4
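Review bot: The description line of the new changelog entry starts with `*` (`* fix #170564 - add audit message to login`) where every other entry uses `-`. rpm treats a line beginning with `*` in %changelog as the header of a new entry and expects a date after it, so this line is likely to be rejected or misparsed at build time. It should read `- fix #170564 - add audit message to login`.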



