102 lines
3.2 KiB
Diff
102 lines
3.2 KiB
Diff
diff -ur util-linux-2.13-pre4.orig/login-utils/login.c util-linux-2.13-pre4/login-utils/login.c
|
|
--- util-linux-2.13-pre4.orig/login-utils/login.c 2005-10-14 13:59:08.000000000 -0400
|
|
+++ util-linux-2.13-pre4/login-utils/login.c 2005-10-14 15:43:54.000000000 -0400
|
|
@@ -106,6 +106,7 @@
|
|
#include <sys/syslog.h>
|
|
#include <sys/sysmacros.h>
|
|
#include <netdb.h>
|
|
+#include <libaudit.h>
|
|
#include "pathnames.h"
|
|
#include "my_crypt.h"
|
|
#include "login.h"
|
|
@@ -329,6 +330,7 @@
|
|
#ifdef LOGIN_CHOWN_VCS
|
|
char vcsn[20], vcsan[20];
|
|
#endif
|
|
+ int audit_fd;
|
|
|
|
pid = getpid();
|
|
|
|
@@ -545,11 +547,25 @@
|
|
(retcode == PAM_USER_UNKNOWN) ||
|
|
(retcode == PAM_CRED_INSUFFICIENT) ||
|
|
(retcode == PAM_AUTHINFO_UNAVAIL))) {
|
|
+ struct passwd *pw;
|
|
+ char buf[64];
|
|
pam_get_item(pamh, PAM_USER, (const void **) &username);
|
|
|
|
syslog(LOG_NOTICE,_("FAILED LOGIN %d FROM %s FOR %s, %s"),
|
|
failcount, hostname, username, pam_strerror(pamh, retcode));
|
|
logbtmp(tty_name, username, hostname);
|
|
+ audit_fd = audit_open();
|
|
+ pw = getpwnam(username);
|
|
+ if (pw) {
|
|
+ snprintf(buf, sizeof(buf), "uid=%d", pw->pw_uid);
|
|
+ audit_log_user_message(audit_fd, AUDIT_USER_LOGIN,
|
|
+ buf, hostname, NULL, tty_name, 0);
|
|
+ } else {
|
|
+ snprintf(buf, sizeof(buf), "acct=%s", username);
|
|
+ audit_log_user_message(audit_fd, AUDIT_USER_LOGIN,
|
|
+ buf, hostname, NULL, tty_name, 0);
|
|
+ }
|
|
+ close(audit_fd);
|
|
|
|
fprintf(stderr,_("Login incorrect\n\n"));
|
|
pam_set_item(pamh,PAM_USER,NULL);
|
|
@@ -557,6 +573,8 @@
|
|
}
|
|
|
|
if (retcode != PAM_SUCCESS) {
|
|
+ struct passwd *pw;
|
|
+ char buf[64];
|
|
pam_get_item(pamh, PAM_USER, (const void **) &username);
|
|
|
|
if (retcode == PAM_MAXTRIES)
|
|
@@ -567,6 +585,18 @@
|
|
syslog(LOG_NOTICE,_("FAILED LOGIN SESSION FROM %s FOR %s, %s"),
|
|
hostname, username, pam_strerror(pamh, retcode));
|
|
logbtmp(tty_name, username, hostname);
|
|
+ audit_fd = audit_open();
|
|
+ pw = getpwnam(username);
|
|
+ if (pw) {
|
|
+ snprintf(buf, sizeof(buf), "uid=%d", pw->pw_uid);
|
|
+ audit_log_user_message(audit_fd, AUDIT_USER_LOGIN,
|
|
+ buf, hostname, NULL, tty_name, 0);
|
|
+ } else {
|
|
+ snprintf(buf, sizeof(buf), "acct=%s", username);
|
|
+ audit_log_user_message(audit_fd, AUDIT_USER_LOGIN,
|
|
+ buf, hostname, NULL, tty_name, 0);
|
|
+ }
|
|
+ close(audit_fd);
|
|
|
|
fprintf(stderr,_("\nLogin incorrect\n"));
|
|
pam_end(pamh, retcode);
|
|
@@ -908,6 +938,15 @@
|
|
#endif
|
|
#endif
|
|
}
|
|
+
|
|
+ {
|
|
+ char buf[32];
|
|
+ audit_fd = audit_open();
|
|
+ snprintf(buf, sizeof(buf), "uid=%d", pwd->pw_uid);
|
|
+ audit_log_user_message(audit_fd, AUDIT_USER_LOGIN,
|
|
+ buf, hostname, NULL, tty_name, 1);
|
|
+ close(audit_fd);
|
|
+ }
|
|
|
|
dolastlog(quietlog);
|
|
|
|
diff -ur util-linux-2.13-pre4.orig/login-utils/Makefile.am util-linux-2.13-pre4/login-utils/Makefile.am
|
|
--- util-linux-2.13-pre4.orig/login-utils/Makefile.am 2005-10-14 13:59:08.000000000 -0400
|
|
+++ util-linux-2.13-pre4/login-utils/Makefile.am 2005-10-14 15:45:22.000000000 -0400
|
|
@@ -55,7 +55,7 @@
|
|
if HAVE_PAM
|
|
chfn_LDADD += -lpam -lpam_misc
|
|
chsh_LDADD += -lpam -lpam_misc
|
|
-login_LDADD += -lpam -lpam_misc
|
|
+login_LDADD += -lpam -lpam_misc -laudit
|
|
login_SOURCES = login.c
|
|
else
|
|
login_SOURCES = login.c checktty.c
|