|
|
05ad79 |
diff -up util-linux-2.23.2/configure.ac.kzak util-linux-2.23.2/configure.ac
|
|
|
05ad79 |
--- util-linux-2.23.2/configure.ac.kzak 2014-12-12 15:27:43.505631342 +0100
|
|
|
05ad79 |
+++ util-linux-2.23.2/configure.ac 2014-12-12 15:28:30.571177081 +0100
|
|
|
05ad79 |
@@ -1027,6 +1027,11 @@ UL_REQUIRES_HAVE([lscpu], [cpu_set_t], [
|
|
|
05ad79 |
AM_CONDITIONAL(BUILD_LSCPU, test "x$build_lscpu" = xyes)
|
|
|
05ad79 |
|
|
|
05ad79 |
|
|
|
05ad79 |
+UL_BUILD_INIT([lslogins], [check])
|
|
|
05ad79 |
+UL_REQUIRES_BUILD([lslogins], [libsmartcols])
|
|
|
05ad79 |
+AM_CONDITIONAL([BUILD_LSLOGINS], [test "x$build_lslogins" = xyes])
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+
|
|
|
05ad79 |
UL_BUILD_INIT([chcpu], [check])
|
|
|
05ad79 |
UL_REQUIRES_LINUX([chcpu])
|
|
|
05ad79 |
UL_REQUIRES_HAVE([chcpu], [cpu_set_t], [cpu_set_t type])
|
|
|
05ad79 |
@@ -1404,6 +1409,37 @@ fi
|
|
|
05ad79 |
AM_CONDITIONAL(HAVE_SYSTEMD, [test -n "$with_systemdsystemunitdir" -a "x$with_systemdsystemunitdir" != "xno" ])
|
|
|
05ad79 |
|
|
|
05ad79 |
|
|
|
05ad79 |
+#
|
|
|
05ad79 |
+# Backport from upstrem to RHEL7.1
|
|
|
05ad79 |
+#
|
|
|
05ad79 |
+AC_ARG_WITH([systemd],
|
|
|
05ad79 |
+ AS_HELP_STRING([--with-systemd], [build with support for systemd]),
|
|
|
05ad79 |
+ [], [with_systemd=check]
|
|
|
05ad79 |
+)
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+have_systemd=no
|
|
|
05ad79 |
+AS_IF([test "x$with_systemd" != xno], [
|
|
|
05ad79 |
+ # new version -- all libsystemd-* libs merged into libsystemd
|
|
|
05ad79 |
+ PKG_CHECK_MODULES([SYSTEMD], [libsystemd], [have_systemd=yes], [have_systemd=no])
|
|
|
05ad79 |
+ # old versions
|
|
|
05ad79 |
+ AS_IF([test "x$have_systemd" != "xyes"], [
|
|
|
05ad79 |
+ PKG_CHECK_MODULES([SYSTEMD_DAEMON], [libsystemd-daemon],
|
|
|
05ad79 |
+ [have_systemd_daemon=yes], [have_systemd_daemon=no])
|
|
|
05ad79 |
+ PKG_CHECK_MODULES([SYSTEMD_JOURNAL], [libsystemd-journal],
|
|
|
05ad79 |
+ [have_systemd_journal=yes], [have_systemd_journal=no])
|
|
|
05ad79 |
+ AS_IF([test "x$have_systemd_daemon" = "xyes" -a "x$have_systemd_journal" = "xyes" ],[
|
|
|
05ad79 |
+ have_systemd=yes])
|
|
|
05ad79 |
+ ])
|
|
|
05ad79 |
+ AS_CASE([$with_systemd:$have_systemd],
|
|
|
05ad79 |
+ [yes:no],
|
|
|
05ad79 |
+ [AC_MSG_ERROR([systemd expected but libsystemd not found])],
|
|
|
05ad79 |
+ [*:yes],
|
|
|
05ad79 |
+ AC_DEFINE([HAVE_LIBSYSTEMD], [1], [Define if libsystemd is available])
|
|
|
05ad79 |
+ )
|
|
|
05ad79 |
+])
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+
|
|
|
05ad79 |
AC_ARG_WITH([bashcompletiondir],
|
|
|
05ad79 |
AS_HELP_STRING([--with-bashcompletiondir=DIR], [Bash completions directory]),
|
|
|
05ad79 |
[],
|
|
|
05ad79 |
diff -up util-linux-2.23.2/include/Makemodule.am.kzak util-linux-2.23.2/include/Makemodule.am
|
|
|
05ad79 |
--- util-linux-2.23.2/include/Makemodule.am.kzak 2013-07-15 10:25:46.277049008 +0200
|
|
|
05ad79 |
+++ util-linux-2.23.2/include/Makemodule.am 2014-12-12 15:28:30.571177081 +0100
|
|
|
05ad79 |
@@ -35,6 +35,7 @@ dist_noinst_HEADERS += \
|
|
|
05ad79 |
include/procutils.h \
|
|
|
05ad79 |
include/randutils.h \
|
|
|
05ad79 |
include/rpmatch.h \
|
|
|
05ad79 |
+ include/readutmp.h \
|
|
|
05ad79 |
include/setproctitle.h \
|
|
|
05ad79 |
include/strutils.h \
|
|
|
05ad79 |
include/swapheader.h \
|
|
|
05ad79 |
diff -up util-linux-2.23.2/include/readutmp.h.kzak util-linux-2.23.2/include/readutmp.h
|
|
|
05ad79 |
--- util-linux-2.23.2/include/readutmp.h.kzak 2014-12-12 15:28:30.571177081 +0100
|
|
|
05ad79 |
+++ util-linux-2.23.2/include/readutmp.h 2014-12-12 15:28:30.571177081 +0100
|
|
|
05ad79 |
@@ -0,0 +1,28 @@
|
|
|
05ad79 |
+/* Declarations for GNU's read utmp module.
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ Copyright (C) 1992-2007, 2009-2014 Free Software Foundation, Inc.
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ This program is free software: you can redistribute it and/or modify
|
|
|
05ad79 |
+ it under the terms of the GNU General Public License as published by
|
|
|
05ad79 |
+ the Free Software Foundation; either version 3 of the License, or
|
|
|
05ad79 |
+ (at your option) any later version.
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ This program is distributed in the hope that it will be useful,
|
|
|
05ad79 |
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
05ad79 |
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
05ad79 |
+ GNU General Public License for more details.
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ You should have received a copy of the GNU General Public License
|
|
|
05ad79 |
+ along with this program. If not, see <http://www.gnu.org/licenses/>. */
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+/* Written by jla; revised by djm */
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+#ifndef READUTMP_H
|
|
|
05ad79 |
+#define READUTMP_H
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+#include <sys/types.h>
|
|
|
05ad79 |
+#include <utmp.h>
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+int read_utmp (char const *file, size_t *n_entries, struct utmp **utmp_buf);
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+#endif /* READUTMP_H */
|
|
|
05ad79 |
diff -up util-linux-2.23.2/lib/Makemodule.am.kzak util-linux-2.23.2/lib/Makemodule.am
|
|
|
05ad79 |
--- util-linux-2.23.2/lib/Makemodule.am.kzak 2013-07-30 10:39:26.202738200 +0200
|
|
|
05ad79 |
+++ util-linux-2.23.2/lib/Makemodule.am 2014-12-12 15:28:30.572177092 +0100
|
|
|
05ad79 |
@@ -25,7 +25,8 @@ libcommon_la_SOURCES = \
|
|
|
05ad79 |
lib/wholedisk.c \
|
|
|
05ad79 |
lib/ttyutils.c \
|
|
|
05ad79 |
lib/xgetpass.c \
|
|
|
05ad79 |
- lib/exec_shell.c
|
|
|
05ad79 |
+ lib/exec_shell.c \
|
|
|
05ad79 |
+ lib/readutmp.c
|
|
|
05ad79 |
|
|
|
05ad79 |
if LINUX
|
|
|
05ad79 |
libcommon_la_SOURCES += \
|
|
|
05ad79 |
diff -up util-linux-2.23.2/lib/readutmp.c.kzak util-linux-2.23.2/lib/readutmp.c
|
|
|
05ad79 |
--- util-linux-2.23.2/lib/readutmp.c.kzak 2014-12-12 15:28:30.572177092 +0100
|
|
|
05ad79 |
+++ util-linux-2.23.2/lib/readutmp.c 2014-12-12 15:28:30.572177092 +0100
|
|
|
05ad79 |
@@ -0,0 +1,76 @@
|
|
|
05ad79 |
+/* GNU's read utmp module.
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ Copyright (C) 1992-2001, 2003-2006, 2009-2014 Free Software Foundation, Inc.
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ This program is free software: you can redistribute it and/or modify
|
|
|
05ad79 |
+ it under the terms of the GNU General Public License as published by
|
|
|
05ad79 |
+ the Free Software Foundation; either version 3 of the License, or
|
|
|
05ad79 |
+ (at your option) any later version.
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ This program is distributed in the hope that it will be useful,
|
|
|
05ad79 |
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
05ad79 |
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
05ad79 |
+ GNU General Public License for more details.
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ You should have received a copy of the GNU General Public License
|
|
|
05ad79 |
+ along with this program. If not, see <http://www.gnu.org/licenses/>. */
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+/* Written by jla; revised by djm */
|
|
|
05ad79 |
+/* extracted for util-linux by ooprala */
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+#include <errno.h>
|
|
|
05ad79 |
+#include <stdio.h>
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+#include <sys/types.h>
|
|
|
05ad79 |
+#include <sys/stat.h>
|
|
|
05ad79 |
+#include <signal.h>
|
|
|
05ad79 |
+#include <stdbool.h>
|
|
|
05ad79 |
+#include <string.h>
|
|
|
05ad79 |
+#include <stdlib.h>
|
|
|
05ad79 |
+#include <stdint.h>
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+#include "xalloc.h"
|
|
|
05ad79 |
+#include "readutmp.h"
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+/* Read the utmp entries corresponding to file FILE into freshly-
|
|
|
05ad79 |
+ malloc'd storage, set *UTMP_BUF to that pointer, set *N_ENTRIES to
|
|
|
05ad79 |
+ the number of entries, and return zero. If there is any error,
|
|
|
05ad79 |
+ return -1, setting errno, and don't modify the parameters.
|
|
|
05ad79 |
+ If OPTIONS & READ_UTMP_CHECK_PIDS is nonzero, omit entries whose
|
|
|
05ad79 |
+ process-IDs do not currently exist. */
|
|
|
05ad79 |
+int
|
|
|
05ad79 |
+read_utmp (char const *file, size_t *n_entries, struct utmp **utmp_buf)
|
|
|
05ad79 |
+{
|
|
|
05ad79 |
+ size_t n_read = 0;
|
|
|
05ad79 |
+ size_t n_alloc = 0;
|
|
|
05ad79 |
+ struct utmp *utmp = NULL;
|
|
|
05ad79 |
+ struct utmp *u;
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ /* Ignore the return value for now.
|
|
|
05ad79 |
+ Solaris' utmpname returns 1 upon success -- which is contrary
|
|
|
05ad79 |
+ to what the GNU libc version does. In addition, older GNU libc
|
|
|
05ad79 |
+ versions are actually void. */
|
|
|
05ad79 |
+ utmpname(file);
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ setutent();
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ errno = 0;
|
|
|
05ad79 |
+ while ((u = getutent()) != NULL) {
|
|
|
05ad79 |
+ if (n_read == n_alloc) {
|
|
|
05ad79 |
+ n_alloc += 32;
|
|
|
05ad79 |
+ utmp = xrealloc(utmp, n_alloc * sizeof (struct utmp));
|
|
|
05ad79 |
+ if (!utmp)
|
|
|
05ad79 |
+ return -1;
|
|
|
05ad79 |
+ }
|
|
|
05ad79 |
+ utmp[n_read++] = *u;
|
|
|
05ad79 |
+ }
|
|
|
05ad79 |
+ if (!u && errno)
|
|
|
05ad79 |
+ return -1;
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ endutent();
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ *n_entries = n_read;
|
|
|
05ad79 |
+ *utmp_buf = utmp;
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ return 0;
|
|
|
05ad79 |
+}
|
|
|
05ad79 |
diff -up util-linux-2.23.2/login-utils/login.c.kzak util-linux-2.23.2/login-utils/login.c
|
|
|
05ad79 |
--- util-linux-2.23.2/login-utils/login.c.kzak 2014-12-12 15:27:43.436630542 +0100
|
|
|
05ad79 |
+++ util-linux-2.23.2/login-utils/login.c 2014-12-12 15:28:30.573177104 +0100
|
|
|
05ad79 |
@@ -923,124 +923,6 @@ static void loginpam_session(struct logi
|
|
|
05ad79 |
}
|
|
|
05ad79 |
|
|
|
05ad79 |
/*
|
|
|
05ad79 |
- * We need to check effective UID/GID. For example $HOME could be on root
|
|
|
05ad79 |
- * squashed NFS or on NFS with UID mapping and access(2) uses real UID/GID.
|
|
|
05ad79 |
- * The open(2) seems as the surest solution.
|
|
|
05ad79 |
- * -- kzak@redhat.com (10-Apr-2009)
|
|
|
05ad79 |
- */
|
|
|
05ad79 |
-static int effective_access(const char *path, int mode)
|
|
|
05ad79 |
-{
|
|
|
05ad79 |
- int fd = open(path, mode);
|
|
|
05ad79 |
- if (fd != -1)
|
|
|
05ad79 |
- close(fd);
|
|
|
05ad79 |
- return fd == -1 ? -1 : 0;
|
|
|
05ad79 |
-}
|
|
|
05ad79 |
-
|
|
|
05ad79 |
-/*
|
|
|
05ad79 |
- * Check per accout or global hush-login setting.
|
|
|
05ad79 |
- *
|
|
|
05ad79 |
- * Hushed mode is enabled:
|
|
|
05ad79 |
- *
|
|
|
05ad79 |
- * a) if global (e.g. /etc/hushlogins) hush file exists:
|
|
|
05ad79 |
- * 1) for ALL ACCOUNTS if the file is empty
|
|
|
05ad79 |
- * 2) for the current user if the username or shell are found in the file
|
|
|
05ad79 |
- *
|
|
|
05ad79 |
- * b) if ~/.hushlogin file exists
|
|
|
05ad79 |
- *
|
|
|
05ad79 |
- * The ~/.hushlogin is ignored if the global hush file exists.
|
|
|
05ad79 |
- *
|
|
|
05ad79 |
- * The HUSHLOGIN_FILE login.def variable overwrites the default hush filename.
|
|
|
05ad79 |
- *
|
|
|
05ad79 |
- * Note that shadow-utils login(1) does not support "a1)". The "a1)" is
|
|
|
05ad79 |
- * necessary if you want to use PAM for "Last login" message.
|
|
|
05ad79 |
- *
|
|
|
05ad79 |
- * -- Karel Zak <kzak@redhat.com> (26-Aug-2011)
|
|
|
05ad79 |
- *
|
|
|
05ad79 |
- *
|
|
|
05ad79 |
- * Per-account check requires some explanation: As root we may not be able to
|
|
|
05ad79 |
- * read the directory of the user if it is on an NFS mounted filesystem. We
|
|
|
05ad79 |
- * temporarily set our effective uid to the user-uid making sure that we keep
|
|
|
05ad79 |
- * root privs. in the real uid.
|
|
|
05ad79 |
- *
|
|
|
05ad79 |
- * A portable solution would require a fork(), but we rely on Linux having the
|
|
|
05ad79 |
- * BSD setreuid()
|
|
|
05ad79 |
- */
|
|
|
05ad79 |
-static int get_hushlogin_status(struct passwd *pwd)
|
|
|
05ad79 |
-{
|
|
|
05ad79 |
- const char *files[] = { _PATH_HUSHLOGINS, _PATH_HUSHLOGIN, NULL };
|
|
|
05ad79 |
- const char *file;
|
|
|
05ad79 |
- char buf[BUFSIZ];
|
|
|
05ad79 |
- int i;
|
|
|
05ad79 |
-
|
|
|
05ad79 |
- file = getlogindefs_str("HUSHLOGIN_FILE", NULL);
|
|
|
05ad79 |
- if (file) {
|
|
|
05ad79 |
- if (!*file)
|
|
|
05ad79 |
- return 0; /* empty HUSHLOGIN_FILE defined */
|
|
|
05ad79 |
-
|
|
|
05ad79 |
- files[0] = file;
|
|
|
05ad79 |
- files[1] = NULL;
|
|
|
05ad79 |
- }
|
|
|
05ad79 |
-
|
|
|
05ad79 |
- for (i = 0; files[i]; i++) {
|
|
|
05ad79 |
- int ok = 0;
|
|
|
05ad79 |
-
|
|
|
05ad79 |
- file = files[i];
|
|
|
05ad79 |
-
|
|
|
05ad79 |
- /* Global hush-file*/
|
|
|
05ad79 |
- if (*file == '/') {
|
|
|
05ad79 |
- struct stat st;
|
|
|
05ad79 |
- FILE *f;
|
|
|
05ad79 |
-
|
|
|
05ad79 |
- if (stat(file, &st) != 0)
|
|
|
05ad79 |
- continue; /* file does not exist */
|
|
|
05ad79 |
-
|
|
|
05ad79 |
- if (st.st_size == 0)
|
|
|
05ad79 |
- return 1; /* for all accounts */
|
|
|
05ad79 |
-
|
|
|
05ad79 |
- f = fopen(file, "r");
|
|
|
05ad79 |
- if (!f)
|
|
|
05ad79 |
- continue; /* ignore errors... */
|
|
|
05ad79 |
-
|
|
|
05ad79 |
- while (ok == 0 && fgets(buf, sizeof(buf), f)) {
|
|
|
05ad79 |
- buf[strlen(buf) - 1] = '\0';
|
|
|
05ad79 |
- ok = !strcmp(buf, *buf == '/' ? pwd->pw_shell :
|
|
|
05ad79 |
- pwd->pw_name);
|
|
|
05ad79 |
- }
|
|
|
05ad79 |
- fclose(f);
|
|
|
05ad79 |
- if (ok)
|
|
|
05ad79 |
- return 1; /* found username/shell */
|
|
|
05ad79 |
-
|
|
|
05ad79 |
- return 0; /* ignore per-account files */
|
|
|
05ad79 |
- }
|
|
|
05ad79 |
-
|
|
|
05ad79 |
- /* Per-account setting */
|
|
|
05ad79 |
- if (strlen(pwd->pw_dir) + sizeof(file) + 2 > sizeof(buf))
|
|
|
05ad79 |
- continue;
|
|
|
05ad79 |
- else {
|
|
|
05ad79 |
- uid_t ruid = getuid();
|
|
|
05ad79 |
- gid_t egid = getegid();
|
|
|
05ad79 |
-
|
|
|
05ad79 |
- sprintf(buf, "%s/%s", pwd->pw_dir, file);
|
|
|
05ad79 |
-
|
|
|
05ad79 |
- if (setregid(-1, pwd->pw_gid) == 0 &&
|
|
|
05ad79 |
- setreuid(0, pwd->pw_uid) == 0)
|
|
|
05ad79 |
- ok = effective_access(buf, O_RDONLY) == 0;
|
|
|
05ad79 |
-
|
|
|
05ad79 |
- if (setuid(0) != 0 ||
|
|
|
05ad79 |
- setreuid(ruid, 0) != 0 ||
|
|
|
05ad79 |
- setregid(-1, egid) != 0) {
|
|
|
05ad79 |
- syslog(LOG_ALERT, _("hush login status: restore original IDs failed"));
|
|
|
05ad79 |
- exit(EXIT_FAILURE);
|
|
|
05ad79 |
- }
|
|
|
05ad79 |
- if (ok)
|
|
|
05ad79 |
- return 1; /* enabled by user */
|
|
|
05ad79 |
- }
|
|
|
05ad79 |
- }
|
|
|
05ad79 |
-
|
|
|
05ad79 |
- return 0;
|
|
|
05ad79 |
-}
|
|
|
05ad79 |
-
|
|
|
05ad79 |
-/*
|
|
|
05ad79 |
* Detach the controlling terminal, fork, restore syslog stuff and create a new
|
|
|
05ad79 |
* session.
|
|
|
05ad79 |
*/
|
|
|
05ad79 |
@@ -1372,7 +1254,7 @@ int main(int argc, char **argv)
|
|
|
05ad79 |
|
|
|
05ad79 |
endpwent();
|
|
|
05ad79 |
|
|
|
05ad79 |
- cxt.quiet = get_hushlogin_status(pwd);
|
|
|
05ad79 |
+ cxt.quiet = get_hushlogin_status(pwd, 1);
|
|
|
05ad79 |
|
|
|
05ad79 |
log_utmp(&cxt);
|
|
|
05ad79 |
log_audit(&cxt, 1);
|
|
|
05ad79 |
diff -up util-linux-2.23.2/login-utils/logindefs.c.kzak util-linux-2.23.2/login-utils/logindefs.c
|
|
|
05ad79 |
--- util-linux-2.23.2/login-utils/logindefs.c.kzak 2013-06-13 09:46:10.442650810 +0200
|
|
|
05ad79 |
+++ util-linux-2.23.2/login-utils/logindefs.c 2014-12-12 15:28:30.573177104 +0100
|
|
|
05ad79 |
@@ -27,6 +27,9 @@
|
|
|
05ad79 |
#include <stdlib.h>
|
|
|
05ad79 |
#include <string.h>
|
|
|
05ad79 |
#include <sys/syslog.h>
|
|
|
05ad79 |
+#include <sys/stat.h>
|
|
|
05ad79 |
+#include <sys/types.h>
|
|
|
05ad79 |
+#include <pwd.h>
|
|
|
05ad79 |
|
|
|
05ad79 |
#include "c.h"
|
|
|
05ad79 |
#include "closestream.h"
|
|
|
05ad79 |
@@ -259,6 +262,135 @@ int logindefs_setenv(const char *name, c
|
|
|
05ad79 |
return val ? setenv(name, val, 1) : -1;
|
|
|
05ad79 |
}
|
|
|
05ad79 |
|
|
|
05ad79 |
+/*
|
|
|
05ad79 |
+ * We need to check the effective UID/GID. For example, $HOME could be on a
|
|
|
05ad79 |
+ * root-squashed NFS or on an NFS with UID mapping, and access(2) uses the
|
|
|
05ad79 |
+ * real UID/GID. Then open(2) seems as the surest solution.
|
|
|
05ad79 |
+ * -- kzak@redhat.com (10-Apr-2009)
|
|
|
05ad79 |
+ */
|
|
|
05ad79 |
+int effective_access(const char *path, int mode)
|
|
|
05ad79 |
+{
|
|
|
05ad79 |
+ int fd = open(path, mode);
|
|
|
05ad79 |
+ if (fd != -1)
|
|
|
05ad79 |
+ close(fd);
|
|
|
05ad79 |
+ return fd == -1 ? -1 : 0;
|
|
|
05ad79 |
+}
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+/*
|
|
|
05ad79 |
+ * Check the per-account or the global hush-login setting.
|
|
|
05ad79 |
+ *
|
|
|
05ad79 |
+ * Hushed mode is enabled:
|
|
|
05ad79 |
+ *
|
|
|
05ad79 |
+ * a) if a global (e.g. /etc/hushlogins) hush file exists:
|
|
|
05ad79 |
+ * 1) for ALL ACCOUNTS if the file is empty
|
|
|
05ad79 |
+ * 2) for the current user if the username or shell is found in the file
|
|
|
05ad79 |
+ *
|
|
|
05ad79 |
+ * b) if a ~/.hushlogin file exists
|
|
|
05ad79 |
+ *
|
|
|
05ad79 |
+ * The ~/.hushlogin file is ignored if the global hush file exists.
|
|
|
05ad79 |
+ *
|
|
|
05ad79 |
+ * The HUSHLOGIN_FILE login.def variable overrides the default hush filename.
|
|
|
05ad79 |
+ *
|
|
|
05ad79 |
+ * Note that shadow-utils login(1) does not support "a1)". The "a1)" is
|
|
|
05ad79 |
+ * necessary if you want to use PAM for "Last login" message.
|
|
|
05ad79 |
+ *
|
|
|
05ad79 |
+ * -- Karel Zak <kzak@redhat.com> (26-Aug-2011)
|
|
|
05ad79 |
+ *
|
|
|
05ad79 |
+ *
|
|
|
05ad79 |
+ * The per-account check requires some explanation: As root we may not be able
|
|
|
05ad79 |
+ * to read the directory of the user if it is on an NFS-mounted filesystem. We
|
|
|
05ad79 |
+ * temporarily set our effective uid to the user-uid, making sure that we keep
|
|
|
05ad79 |
+ * root privileges in the real uid.
|
|
|
05ad79 |
+ *
|
|
|
05ad79 |
+ * A portable solution would require a fork(), but we rely on Linux having the
|
|
|
05ad79 |
+ * BSD setreuid().
|
|
|
05ad79 |
+ */
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+int get_hushlogin_status(struct passwd *pwd, int force_check)
|
|
|
05ad79 |
+{
|
|
|
05ad79 |
+ const char *files[] = { _PATH_HUSHLOGINS, _PATH_HUSHLOGIN, NULL };
|
|
|
05ad79 |
+ const char *file;
|
|
|
05ad79 |
+ char buf[BUFSIZ];
|
|
|
05ad79 |
+ int i;
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ file = getlogindefs_str("HUSHLOGIN_FILE", NULL);
|
|
|
05ad79 |
+ if (file) {
|
|
|
05ad79 |
+ if (!*file)
|
|
|
05ad79 |
+ return 0; /* empty HUSHLOGIN_FILE defined */
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ files[0] = file;
|
|
|
05ad79 |
+ files[1] = NULL;
|
|
|
05ad79 |
+ }
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ for (i = 0; files[i]; i++) {
|
|
|
05ad79 |
+ int ok = 0;
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ file = files[i];
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ /* global hush-file */
|
|
|
05ad79 |
+ if (*file == '/') {
|
|
|
05ad79 |
+ struct stat st;
|
|
|
05ad79 |
+ FILE *f;
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ if (stat(file, &st) != 0)
|
|
|
05ad79 |
+ continue; /* file does not exist */
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ if (st.st_size == 0)
|
|
|
05ad79 |
+ return 1; /* for all accounts */
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ f = fopen(file, "r");
|
|
|
05ad79 |
+ if (!f)
|
|
|
05ad79 |
+ continue; /* ignore errors... */
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ while (ok == 0 && fgets(buf, sizeof(buf), f)) {
|
|
|
05ad79 |
+ buf[strlen(buf) - 1] = '\0';
|
|
|
05ad79 |
+ ok = !strcmp(buf, *buf == '/' ? pwd->pw_shell :
|
|
|
05ad79 |
+ pwd->pw_name);
|
|
|
05ad79 |
+ }
|
|
|
05ad79 |
+ fclose(f);
|
|
|
05ad79 |
+ if (ok)
|
|
|
05ad79 |
+ return 1; /* found username/shell */
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ return 0; /* ignore per-account files */
|
|
|
05ad79 |
+ }
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ /* per-account setting */
|
|
|
05ad79 |
+ if (strlen(pwd->pw_dir) + sizeof(file) + 2 > sizeof(buf))
|
|
|
05ad79 |
+ continue;
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ sprintf(buf, "%s/%s", pwd->pw_dir, file);
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ if (force_check) {
|
|
|
05ad79 |
+ uid_t ruid = getuid();
|
|
|
05ad79 |
+ gid_t egid = getegid();
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ if (setregid(-1, pwd->pw_gid) == 0 &&
|
|
|
05ad79 |
+ setreuid(0, pwd->pw_uid) == 0)
|
|
|
05ad79 |
+ ok = effective_access(buf, O_RDONLY) == 0;
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ if (setuid(0) != 0 ||
|
|
|
05ad79 |
+ setreuid(ruid, 0) != 0 ||
|
|
|
05ad79 |
+ setregid(-1, egid) != 0) {
|
|
|
05ad79 |
+ syslog(LOG_ALERT, _("hush login status: restore original IDs failed"));
|
|
|
05ad79 |
+ exit(EXIT_FAILURE);
|
|
|
05ad79 |
+ }
|
|
|
05ad79 |
+ if (ok)
|
|
|
05ad79 |
+ return 1; /* enabled by user */
|
|
|
05ad79 |
+ }
|
|
|
05ad79 |
+ else {
|
|
|
05ad79 |
+ int rc;
|
|
|
05ad79 |
+ rc = effective_access(buf, O_RDONLY);
|
|
|
05ad79 |
+ if (rc == 0)
|
|
|
05ad79 |
+ return 1;
|
|
|
05ad79 |
+ else if (rc == -1 && errno == EACCES)
|
|
|
05ad79 |
+ return -1;
|
|
|
05ad79 |
+ }
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ }
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ return 0;
|
|
|
05ad79 |
+}
|
|
|
05ad79 |
#ifdef TEST_PROGRAM
|
|
|
05ad79 |
int main(int argc, char *argv[])
|
|
|
05ad79 |
{
|
|
|
05ad79 |
diff -up util-linux-2.23.2/login-utils/logindefs.h.kzak util-linux-2.23.2/login-utils/logindefs.h
|
|
|
05ad79 |
--- util-linux-2.23.2/login-utils/logindefs.h.kzak 2013-02-27 17:46:29.887020770 +0100
|
|
|
05ad79 |
+++ util-linux-2.23.2/login-utils/logindefs.h 2014-12-12 15:28:30.573177104 +0100
|
|
|
05ad79 |
@@ -8,5 +8,7 @@ extern unsigned long getlogindefs_num(co
|
|
|
05ad79 |
extern const char *getlogindefs_str(const char *name, const char *dflt);
|
|
|
05ad79 |
extern void free_getlogindefs_data(void);
|
|
|
05ad79 |
extern int logindefs_setenv(const char *name, const char *conf, const char *dflt);
|
|
|
05ad79 |
+extern int effective_access(const char *path, int mode);
|
|
|
05ad79 |
+extern int get_hushlogin_status(struct passwd *pwd, int force_check);
|
|
|
05ad79 |
|
|
|
05ad79 |
#endif /* UTIL_LINUX_LOGINDEFS_H */
|
|
|
05ad79 |
diff -up util-linux-2.23.2/login-utils/lslogins.1.kzak util-linux-2.23.2/login-utils/lslogins.1
|
|
|
05ad79 |
--- util-linux-2.23.2/login-utils/lslogins.1.kzak 2014-12-12 15:28:30.574177115 +0100
|
|
|
05ad79 |
+++ util-linux-2.23.2/login-utils/lslogins.1 2014-12-12 15:28:30.574177115 +0100
|
|
|
05ad79 |
@@ -0,0 +1,132 @@
|
|
|
05ad79 |
+.\" Copyright 2014 Ondrej Oprala (ondrej.oprala@gmail.com)
|
|
|
05ad79 |
+.\" May be distributed under the GNU General Public License
|
|
|
05ad79 |
+.TH LSLOGINS "1" "April 2014" "util-linux" "User Commands"
|
|
|
05ad79 |
+.SH NAME
|
|
|
05ad79 |
+lslogins \- display information about known users in the system
|
|
|
05ad79 |
+.SH SYNOPSIS
|
|
|
05ad79 |
+.B lslogins
|
|
|
05ad79 |
+[\fIoptions\fR] [\fB-s\fR|\fB-u\fR[=\fIUID\fR]] [\fB-g \fIgroups\fR] [\fB-l \fIlogins\fR]
|
|
|
05ad79 |
+.SH DESCRIPTION
|
|
|
05ad79 |
+.PP
|
|
|
05ad79 |
+Examine the wtmp and btmp logs, /etc/shadow (if necessary) and /etc/passwd
|
|
|
05ad79 |
+and output the desired data.
|
|
|
05ad79 |
+.PP
|
|
|
05ad79 |
+The default action is to list info about all the users in the system.
|
|
|
05ad79 |
+.SH OPTIONS
|
|
|
05ad79 |
+Mandatory arguments to long options are mandatory for short options too.
|
|
|
05ad79 |
+.TP
|
|
|
05ad79 |
+\fB\-a\fR, \fB\-\-acc\-expiration\fR
|
|
|
05ad79 |
+Display data about the date of last password change and the account expiration
|
|
|
05ad79 |
+date (see \fBshadow\fR(5) for more info). (Requires root priviliges.)
|
|
|
05ad79 |
+.TP
|
|
|
05ad79 |
+\fB\-\-btmp\-file \fIpath\fP
|
|
|
05ad79 |
+Alternate path for btmp.
|
|
|
05ad79 |
+.TP
|
|
|
05ad79 |
+\fB\-c\fR, \fB\-\-colon\-separate\fR
|
|
|
05ad79 |
+Separate info about each user with a colon instead of a newline.
|
|
|
05ad79 |
+.TP
|
|
|
05ad79 |
+\fB\-e\fR, \fB\-\-export\fR
|
|
|
05ad79 |
+Output data in the format of NAME=VALUE.
|
|
|
05ad79 |
+.TP
|
|
|
05ad79 |
+\fB\-f\fR, \fB\-\-failed\fR
|
|
|
05ad79 |
+Display data about the users' last failed login attempts.
|
|
|
05ad79 |
+.TP
|
|
|
05ad79 |
+\fB\-G\fR, \fB\-\-groups\-info\fR
|
|
|
05ad79 |
+Show information about groups.
|
|
|
05ad79 |
+.TP
|
|
|
05ad79 |
+\fB\-g\fR, \fB\-\-groups\fR=\fIgroups\fR
|
|
|
05ad79 |
+Only show data of users belonging to \fIgroups\fR. More than one group
|
|
|
05ad79 |
+may be specified; the list has to be comma-separated.
|
|
|
05ad79 |
+.TP
|
|
|
05ad79 |
+\fB\-h\fR, \fB\-\-help\fR
|
|
|
05ad79 |
+Display help information and exit.
|
|
|
05ad79 |
+.TP
|
|
|
05ad79 |
+\fB\-L\fR, \fB\-\-last\fR
|
|
|
05ad79 |
+Display data containing information about the users' last login sessions.
|
|
|
05ad79 |
+.TP
|
|
|
05ad79 |
+\fB\-l\fR, \fB\-\-logins\fR=\fIlogins\fR
|
|
|
05ad79 |
+Only show data of users with a login specified in \fIlogins\fR (user names or user
|
|
|
05ad79 |
+IDS). More than one login may be specified; the list has to be comma-separated.
|
|
|
05ad79 |
+.TP
|
|
|
05ad79 |
+\fB\-m\fR, \fB\-\-supp\-groups\fR
|
|
|
05ad79 |
+Show supplementary groups.
|
|
|
05ad79 |
+.TP
|
|
|
05ad79 |
+\fB\-n\fR, \fB\-\-newline\fR
|
|
|
05ad79 |
+Display each piece of information on a separate line.
|
|
|
05ad79 |
+.TP
|
|
|
05ad79 |
+\fB\-\-noheadings\fR
|
|
|
05ad79 |
+Do not print a header line.
|
|
|
05ad79 |
+.TP
|
|
|
05ad79 |
+\fB\-\-notruncate\fR
|
|
|
05ad79 |
+Don't truncate output.
|
|
|
05ad79 |
+.TP
|
|
|
05ad79 |
+\fB\-o\fR, \fB\-\-output \fIlist\fP
|
|
|
05ad79 |
+Specify which output columns to print. Use
|
|
|
05ad79 |
+.B \-\-help
|
|
|
05ad79 |
+to get a list of all supported columns.
|
|
|
05ad79 |
+.TP
|
|
|
05ad79 |
+\fB\-p\fR, \fB\-\-pwd\fR
|
|
|
05ad79 |
+Display information related to login by password (see also \fB\-afL).
|
|
|
05ad79 |
+.TP
|
|
|
05ad79 |
+\fB\-r\fR, \fB\-\-raw\fR
|
|
|
05ad79 |
+Raw output (no columnation).
|
|
|
05ad79 |
+.TP
|
|
|
05ad79 |
+\fB\-s\fR, \fB\-\-system\-accs\fR[=\fIthreshold\fR]
|
|
|
05ad79 |
+Show system accounts. These are by default all accounts with a UID below 1000
|
|
|
05ad79 |
+(non-inclusive), with the exception of either nobody or nfsnobody (UID 65534). The UID
|
|
|
05ad79 |
+threshold can also be specified explicitly (necessary for some distributions that
|
|
|
05ad79 |
+allocate UIDs starting from 100, 500 - or an entirely different value - rather than 1000).
|
|
|
05ad79 |
+.TP
|
|
|
05ad79 |
+\fB\-\-time-format\fR \fItype\fP
|
|
|
05ad79 |
+Display dates in short, full or iso format. The default is short, this time
|
|
|
05ad79 |
+format is designed to be space efficient and human readable.
|
|
|
05ad79 |
+.TP
|
|
|
05ad79 |
+\fB\-u\fR, \fB\-\-user\-accs\fR[=\fIthreshold\fR]
|
|
|
05ad79 |
+Show user accounts. These are by default all accounts with UID above 1000
|
|
|
05ad79 |
+(inclusive), with the exception of either nobody or nfsnobody (UID 65534). The UID
|
|
|
05ad79 |
+threshold can also be specified explicitly (necessary for some distributions that
|
|
|
05ad79 |
+allocate UIDs starting from 100, 500 - or an entirely different value - rather than 1000).
|
|
|
05ad79 |
+.TP
|
|
|
05ad79 |
+\fB\-V\fR, \fB\-\-version\fR
|
|
|
05ad79 |
+Display version information and exit.
|
|
|
05ad79 |
+.TP
|
|
|
05ad79 |
+\fB\-\-wtmp\-file \fIpath\fP
|
|
|
05ad79 |
+Alternate path for wtmp.
|
|
|
05ad79 |
+.TP
|
|
|
05ad79 |
+\fB\-Z\fR, \fB\-\-context\fR
|
|
|
05ad79 |
+Display the users' security context.
|
|
|
05ad79 |
+.TP
|
|
|
05ad79 |
+\fB\-z\fR, \fB\-\-print0\fR
|
|
|
05ad79 |
+Delimit user entries with a nul character, instead of a newline.
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+.SH NOTES
|
|
|
05ad79 |
+The default UID thresholds are read from /etc/login.defs.
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+.SH EXIT STATUS
|
|
|
05ad79 |
+.TP
|
|
|
05ad79 |
+0
|
|
|
05ad79 |
+if OK,
|
|
|
05ad79 |
+.TP
|
|
|
05ad79 |
+1
|
|
|
05ad79 |
+if incorrect arguments specified,
|
|
|
05ad79 |
+.TP
|
|
|
05ad79 |
+2
|
|
|
05ad79 |
+if a serious error occurs (e.g. a corrupt log).
|
|
|
05ad79 |
+.SH SEE ALSO
|
|
|
05ad79 |
+\fBgroup\fP(5), \fBpasswd\fP(5), \fBshadow\fP(5), \fButmp\fP(5)
|
|
|
05ad79 |
+.SH HISTORY
|
|
|
05ad79 |
+The \fBlslogins\fP utility is inspired by the \fBlogins\fP utility, which first appeared in FreeBSD 4.10.
|
|
|
05ad79 |
+.SH AUTHORS
|
|
|
05ad79 |
+.MT ooprala@redhat.com
|
|
|
05ad79 |
+Ondrej Oprala
|
|
|
05ad79 |
+.ME
|
|
|
05ad79 |
+.br
|
|
|
05ad79 |
+.MT kzak@redhat.com
|
|
|
05ad79 |
+Karel Zak
|
|
|
05ad79 |
+.ME
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+.SH AVAILABILITY
|
|
|
05ad79 |
+The lslogins command is part of the util-linux package and is available from
|
|
|
05ad79 |
+.UR ftp://\:ftp.kernel.org\:/pub\:/linux\:/utils\:/util-linux/
|
|
|
05ad79 |
+Linux Kernel Archive
|
|
|
05ad79 |
+.UE .
|
|
|
05ad79 |
diff -up util-linux-2.23.2/login-utils/lslogins.c.kzak util-linux-2.23.2/login-utils/lslogins.c
|
|
|
05ad79 |
--- util-linux-2.23.2/login-utils/lslogins.c.kzak 2014-12-12 15:28:30.575177127 +0100
|
|
|
05ad79 |
+++ util-linux-2.23.2/login-utils/lslogins.c 2014-12-12 15:29:19.084739609 +0100
|
|
|
05ad79 |
@@ -0,0 +1,1476 @@
|
|
|
05ad79 |
+/*
|
|
|
05ad79 |
+ * lslogins - List information about users on the system
|
|
|
05ad79 |
+ *
|
|
|
05ad79 |
+ * Copyright (C) 2014 Ondrej Oprala <ooprala@redhat.com>
|
|
|
05ad79 |
+ * Copyright (C) 2014 Karel Zak <kzak@redhat.com>
|
|
|
05ad79 |
+ *
|
|
|
05ad79 |
+ * This program is free software; you can redistribute it and/or modify
|
|
|
05ad79 |
+ * it under the terms of the GNU General Public License as published by
|
|
|
05ad79 |
+ * the Free Software Foundation; either version 2 of the License, or
|
|
|
05ad79 |
+ * (at your option) any later version.
|
|
|
05ad79 |
+ *
|
|
|
05ad79 |
+ * This program is distributed in the hope that it would be useful,
|
|
|
05ad79 |
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
05ad79 |
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
05ad79 |
+ * GNU General Public License for more details.
|
|
|
05ad79 |
+ *
|
|
|
05ad79 |
+ * You should have received a copy of the GNU General Public License along
|
|
|
05ad79 |
+ * with this program; if not, write to the Free Software Foundation, Inc.,
|
|
|
05ad79 |
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
|
|
05ad79 |
+ */
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+#include <stdio.h>
|
|
|
05ad79 |
+#include <stdlib.h>
|
|
|
05ad79 |
+#include <unistd.h>
|
|
|
05ad79 |
+#include <getopt.h>
|
|
|
05ad79 |
+#include <sys/types.h>
|
|
|
05ad79 |
+#include <sys/stat.h>
|
|
|
05ad79 |
+#include <sys/syslog.h>
|
|
|
05ad79 |
+#include <pwd.h>
|
|
|
05ad79 |
+#include <grp.h>
|
|
|
05ad79 |
+#include <shadow.h>
|
|
|
05ad79 |
+#include <paths.h>
|
|
|
05ad79 |
+#include <time.h>
|
|
|
05ad79 |
+#include <utmp.h>
|
|
|
05ad79 |
+#include <signal.h>
|
|
|
05ad79 |
+#include <err.h>
|
|
|
05ad79 |
+#include <limits.h>
|
|
|
05ad79 |
+#include <ctype.h>
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+#include <search.h>
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+#include <libsmartcols.h>
|
|
|
05ad79 |
+#ifdef HAVE_LIBSELINUX
|
|
|
05ad79 |
+# include <selinux/selinux.h>
|
|
|
05ad79 |
+#endif
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+#ifdef HAVE_LIBSYSTEMD
|
|
|
05ad79 |
+# include <systemd/sd-journal.h>
|
|
|
05ad79 |
+#endif
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+#include "c.h"
|
|
|
05ad79 |
+#include "nls.h"
|
|
|
05ad79 |
+#include "closestream.h"
|
|
|
05ad79 |
+#include "xalloc.h"
|
|
|
05ad79 |
+#include "list.h"
|
|
|
05ad79 |
+#include "strutils.h"
|
|
|
05ad79 |
+#include "optutils.h"
|
|
|
05ad79 |
+#include "pathnames.h"
|
|
|
05ad79 |
+#include "logindefs.h"
|
|
|
05ad79 |
+#include "readutmp.h"
|
|
|
05ad79 |
+#include "procutils.h"
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+/*
|
|
|
05ad79 |
+ * column description
|
|
|
05ad79 |
+ */
|
|
|
05ad79 |
+struct lslogins_coldesc {
|
|
|
05ad79 |
+ const char *name;
|
|
|
05ad79 |
+ const char *help;
|
|
|
05ad79 |
+ const char *pretty_name;
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ double whint; /* width hint */
|
|
|
05ad79 |
+ long flag;
|
|
|
05ad79 |
+};
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+static int lslogins_flag;
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+#define UL_UID_MIN 1000
|
|
|
05ad79 |
+#define UL_UID_MAX 60000
|
|
|
05ad79 |
+#define UL_SYS_UID_MIN 201
|
|
|
05ad79 |
+#define UL_SYS_UID_MAX 999
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+/* we use the value of outmode to determine
|
|
|
05ad79 |
+ * appropriate flags for the libsmartcols table
|
|
|
05ad79 |
+ * (e.g., a value of out_newline would imply a raw
|
|
|
05ad79 |
+ * table with the column separator set to '\n').
|
|
|
05ad79 |
+ */
|
|
|
05ad79 |
+static int outmode;
|
|
|
05ad79 |
+/*
|
|
|
05ad79 |
+ * output modes
|
|
|
05ad79 |
+ */
|
|
|
05ad79 |
+enum {
|
|
|
05ad79 |
+ OUT_COLON = 1,
|
|
|
05ad79 |
+ OUT_EXPORT,
|
|
|
05ad79 |
+ OUT_NEWLINE,
|
|
|
05ad79 |
+ OUT_RAW,
|
|
|
05ad79 |
+ OUT_NUL,
|
|
|
05ad79 |
+ OUT_PRETTY
|
|
|
05ad79 |
+};
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+struct lslogins_user {
|
|
|
05ad79 |
+ char *login;
|
|
|
05ad79 |
+ uid_t uid;
|
|
|
05ad79 |
+ char *group;
|
|
|
05ad79 |
+ gid_t gid;
|
|
|
05ad79 |
+ char *gecos;
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ int pwd_empty;
|
|
|
05ad79 |
+ int nologin;
|
|
|
05ad79 |
+ int pwd_lock;
|
|
|
05ad79 |
+ int pwd_deny;
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ gid_t *sgroups;
|
|
|
05ad79 |
+ size_t nsgroups;
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ char *pwd_ctime;
|
|
|
05ad79 |
+ char *pwd_warn;
|
|
|
05ad79 |
+ char *pwd_expire;
|
|
|
05ad79 |
+ char *pwd_ctime_min;
|
|
|
05ad79 |
+ char *pwd_ctime_max;
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ char *last_login;
|
|
|
05ad79 |
+ char *last_tty;
|
|
|
05ad79 |
+ char *last_hostname;
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ char *failed_login;
|
|
|
05ad79 |
+ char *failed_tty;
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+#ifdef HAVE_LIBSELINUX
|
|
|
05ad79 |
+ security_context_t context;
|
|
|
05ad79 |
+#endif
|
|
|
05ad79 |
+ char *homedir;
|
|
|
05ad79 |
+ char *shell;
|
|
|
05ad79 |
+ char *pwd_status;
|
|
|
05ad79 |
+ int hushed;
|
|
|
05ad79 |
+ char *nprocs;
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+};
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+/*
|
|
|
05ad79 |
+ * time modes
|
|
|
05ad79 |
+ * */
|
|
|
05ad79 |
+enum {
|
|
|
05ad79 |
+ TIME_INVALID = 0,
|
|
|
05ad79 |
+ TIME_SHORT,
|
|
|
05ad79 |
+ TIME_FULL,
|
|
|
05ad79 |
+ TIME_ISO,
|
|
|
05ad79 |
+};
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+/*
|
|
|
05ad79 |
+ * flags
|
|
|
05ad79 |
+ */
|
|
|
05ad79 |
+enum {
|
|
|
05ad79 |
+ F_SYSAC = (1 << 3),
|
|
|
05ad79 |
+ F_USRAC = (1 << 4),
|
|
|
05ad79 |
+};
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+/*
|
|
|
05ad79 |
+ * IDs
|
|
|
05ad79 |
+ */
|
|
|
05ad79 |
+enum {
|
|
|
05ad79 |
+ COL_USER = 0,
|
|
|
05ad79 |
+ COL_UID,
|
|
|
05ad79 |
+ COL_GECOS,
|
|
|
05ad79 |
+ COL_HOME,
|
|
|
05ad79 |
+ COL_SHELL,
|
|
|
05ad79 |
+ COL_NOLOGIN,
|
|
|
05ad79 |
+ COL_PWDLOCK,
|
|
|
05ad79 |
+ COL_PWDEMPTY,
|
|
|
05ad79 |
+ COL_PWDDENY,
|
|
|
05ad79 |
+ COL_GROUP,
|
|
|
05ad79 |
+ COL_GID,
|
|
|
05ad79 |
+ COL_SGROUPS,
|
|
|
05ad79 |
+ COL_SGIDS,
|
|
|
05ad79 |
+ COL_LAST_LOGIN,
|
|
|
05ad79 |
+ COL_LAST_TTY,
|
|
|
05ad79 |
+ COL_LAST_HOSTNAME,
|
|
|
05ad79 |
+ COL_FAILED_LOGIN,
|
|
|
05ad79 |
+ COL_FAILED_TTY,
|
|
|
05ad79 |
+ COL_HUSH_STATUS,
|
|
|
05ad79 |
+ COL_PWD_WARN,
|
|
|
05ad79 |
+ COL_PWD_CTIME,
|
|
|
05ad79 |
+ COL_PWD_CTIME_MIN,
|
|
|
05ad79 |
+ COL_PWD_CTIME_MAX,
|
|
|
05ad79 |
+ COL_PWD_EXPIR,
|
|
|
05ad79 |
+ COL_SELINUX,
|
|
|
05ad79 |
+ COL_NPROCS,
|
|
|
05ad79 |
+};
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+#define is_wtmp_col(x) ((x) == COL_LAST_LOGIN || \
|
|
|
05ad79 |
+ (x) == COL_LAST_TTY || \
|
|
|
05ad79 |
+ (x) == COL_LAST_HOSTNAME)
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+#define is_btmp_col(x) ((x) == COL_FAILED_LOGIN || \
|
|
|
05ad79 |
+ (x) == COL_FAILED_TTY)
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+enum {
|
|
|
05ad79 |
+ STATUS_FALSE = 0,
|
|
|
05ad79 |
+ STATUS_TRUE,
|
|
|
05ad79 |
+ STATUS_UNKNOWN
|
|
|
05ad79 |
+};
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+static const char *const status[] = {
|
|
|
05ad79 |
+ [STATUS_FALSE] = "0",
|
|
|
05ad79 |
+ [STATUS_TRUE] = "1",
|
|
|
05ad79 |
+ [STATUS_UNKNOWN]= NULL
|
|
|
05ad79 |
+};
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+static const char *const pretty_status[] = {
|
|
|
05ad79 |
+ [STATUS_FALSE] = N_("no"),
|
|
|
05ad79 |
+ [STATUS_TRUE] = N_("yes"),
|
|
|
05ad79 |
+ [STATUS_UNKNOWN]= NULL
|
|
|
05ad79 |
+};
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+#define get_status(x) (outmode == OUT_PRETTY ? pretty_status[(x)] : status[(x)])
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+static const struct lslogins_coldesc coldescs[] =
|
|
|
05ad79 |
+{
|
|
|
05ad79 |
+ [COL_USER] = { "USER", N_("user name"), N_("Username"), 0.1, SCOLS_FL_NOEXTREMES },
|
|
|
05ad79 |
+ [COL_UID] = { "UID", N_("user ID"), "UID", 1, SCOLS_FL_RIGHT},
|
|
|
05ad79 |
+ [COL_PWDEMPTY] = { "PWD-EMPTY", N_("password not required"), N_("Password not required"), 1, SCOLS_FL_RIGHT },
|
|
|
05ad79 |
+ [COL_PWDDENY] = { "PWD-DENY", N_("login by password disabled"), N_("Login by password disabled"), 1, SCOLS_FL_RIGHT },
|
|
|
05ad79 |
+ [COL_PWDLOCK] = { "PWD-LOCK", N_("password defined, but locked"), N_("Password is locked"), 1, SCOLS_FL_RIGHT },
|
|
|
05ad79 |
+ [COL_NOLOGIN] = { "NOLOGIN", N_("log in disabled by nologin(8) or pam_nologin(8)"), N_("No login"), 1, SCOLS_FL_RIGHT },
|
|
|
05ad79 |
+ [COL_GROUP] = { "GROUP", N_("primary group name"), N_("Primary group"), 0.1 },
|
|
|
05ad79 |
+ [COL_GID] = { "GID", N_("primary group ID"), "GID", 1, SCOLS_FL_RIGHT },
|
|
|
05ad79 |
+ [COL_SGROUPS] = { "SUPP-GROUPS", N_("supplementary group names"), N_("Supplementary groups"), 0.1 },
|
|
|
05ad79 |
+ [COL_SGIDS] = { "SUPP-GIDS", N_("supplementary group IDs"), N_("Supplementary group IDs"), 0.1 },
|
|
|
05ad79 |
+ [COL_HOME] = { "HOMEDIR", N_("home directory"), N_("Home directory"), 0.1 },
|
|
|
05ad79 |
+ [COL_SHELL] = { "SHELL", N_("login shell"), N_("Shell"), 0.1 },
|
|
|
05ad79 |
+ [COL_GECOS] = { "GECOS", N_("full user name"), N_("Gecos field"), 0.1, SCOLS_FL_TRUNC },
|
|
|
05ad79 |
+ [COL_LAST_LOGIN] = { "LAST-LOGIN", N_("date of last login"), N_("Last login"), 0.1, SCOLS_FL_RIGHT },
|
|
|
05ad79 |
+ [COL_LAST_TTY] = { "LAST-TTY", N_("last tty used"), N_("Last terminal"), 0.05 },
|
|
|
05ad79 |
+ [COL_LAST_HOSTNAME] = { "LAST-HOSTNAME",N_("hostname during the last session"), N_("Last hostname"), 0.1},
|
|
|
05ad79 |
+ [COL_FAILED_LOGIN] = { "FAILED-LOGIN", N_("date of last failed login"), N_("Failed login"), 0.1 },
|
|
|
05ad79 |
+ [COL_FAILED_TTY] = { "FAILED-TTY", N_("where did the login fail?"), N_("Failed login terminal"), 0.05 },
|
|
|
05ad79 |
+ [COL_HUSH_STATUS] = { "HUSHED", N_("user's hush settings"), N_("Hushed"), 1, SCOLS_FL_RIGHT },
|
|
|
05ad79 |
+ [COL_PWD_WARN] = { "PWD-WARN", N_("days user is warned of password expiration"), N_("Password expiration warn interval"), 0.1, SCOLS_FL_RIGHT },
|
|
|
05ad79 |
+ [COL_PWD_EXPIR] = { "PWD-EXPIR", N_("password expiration date"), N_("Password expiration"), 0.1, SCOLS_FL_RIGHT },
|
|
|
05ad79 |
+ [COL_PWD_CTIME] = { "PWD-CHANGE", N_("date of last password change"), N_("Password changed"), 0.1, SCOLS_FL_RIGHT},
|
|
|
05ad79 |
+ [COL_PWD_CTIME_MIN] = { "PWD-MIN", N_("number of days required between changes"), N_("Minimum change time"), 0.1, SCOLS_FL_RIGHT },
|
|
|
05ad79 |
+ [COL_PWD_CTIME_MAX] = { "PWD-MAX", N_("max number of days a password may remain unchanged"), N_("Maximum change time"), 0.1, SCOLS_FL_RIGHT },
|
|
|
05ad79 |
+ [COL_SELINUX] = { "CONTEXT", N_("the user's security context"), N_("Selinux context"), 0.1 },
|
|
|
05ad79 |
+ [COL_NPROCS] = { "PROC", N_("number of processes run by the user"), N_("Running processes"), 1, SCOLS_FL_RIGHT },
|
|
|
05ad79 |
+};
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+struct lslogins_control {
|
|
|
05ad79 |
+ struct utmp *wtmp;
|
|
|
05ad79 |
+ size_t wtmp_size;
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ struct utmp *btmp;
|
|
|
05ad79 |
+ size_t btmp_size;
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ void *usertree;
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ uid_t uid;
|
|
|
05ad79 |
+ uid_t UID_MIN;
|
|
|
05ad79 |
+ uid_t UID_MAX;
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ uid_t SYS_UID_MIN;
|
|
|
05ad79 |
+ uid_t SYS_UID_MAX;
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ char **ulist;
|
|
|
05ad79 |
+ size_t ulsiz;
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ unsigned int time_mode;
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ const char *journal_path;
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ unsigned int selinux_enabled : 1,
|
|
|
05ad79 |
+ ulist_on : 1,
|
|
|
05ad79 |
+ noheadings : 1,
|
|
|
05ad79 |
+ notrunc : 1;
|
|
|
05ad79 |
+};
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+/* these have to remain global since there's no other reasonable way to pass
|
|
|
05ad79 |
+ * them for each call of fill_table() via twalk() */
|
|
|
05ad79 |
+static struct libscols_table *tb;
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+/* columns[] array specifies all currently wanted output column. The columns
|
|
|
05ad79 |
+ * are defined by coldescs[] array and you can specify (on command line) each
|
|
|
05ad79 |
+ * column twice. That's enough, dynamically allocated array of the columns is
|
|
|
05ad79 |
+ * unnecessary overkill and over-engineering in this case */
|
|
|
05ad79 |
+static int columns[ARRAY_SIZE(coldescs) * 2];
|
|
|
05ad79 |
+static int ncolumns;
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+static inline size_t err_columns_index(size_t arysz, size_t idx)
|
|
|
05ad79 |
+{
|
|
|
05ad79 |
+ if (idx >= arysz)
|
|
|
05ad79 |
+ errx(EXIT_FAILURE, _("too many columns specified, "
|
|
|
05ad79 |
+ "the limit is %zu columns"),
|
|
|
05ad79 |
+ arysz - 1);
|
|
|
05ad79 |
+ return idx;
|
|
|
05ad79 |
+}
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+#define add_column(ary, n, id) \
|
|
|
05ad79 |
+ ((ary)[ err_columns_index(ARRAY_SIZE(ary), (n)) ] = (id))
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+static struct timeval now;
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+static int date_is_today(time_t t)
|
|
|
05ad79 |
+{
|
|
|
05ad79 |
+ if (now.tv_sec == 0)
|
|
|
05ad79 |
+ gettimeofday(&now, NULL);
|
|
|
05ad79 |
+ return t / (3600 * 24) == now.tv_sec / (3600 * 24);
|
|
|
05ad79 |
+}
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+static int date_is_thisyear(time_t t)
|
|
|
05ad79 |
+{
|
|
|
05ad79 |
+ if (now.tv_sec == 0)
|
|
|
05ad79 |
+ gettimeofday(&now, NULL);
|
|
|
05ad79 |
+ return t / (3600 * 24 * 365) == now.tv_sec / (3600 * 24 * 365);
|
|
|
05ad79 |
+}
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+static int column_name_to_id(const char *name, size_t namesz)
|
|
|
05ad79 |
+{
|
|
|
05ad79 |
+ size_t i;
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ for (i = 0; i < ARRAY_SIZE(coldescs); i++) {
|
|
|
05ad79 |
+ const char *cn = coldescs[i].name;
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ if (!strncasecmp(name, cn, namesz) && !*(cn + namesz))
|
|
|
05ad79 |
+ return i;
|
|
|
05ad79 |
+ }
|
|
|
05ad79 |
+ warnx(_("unknown column: %s"), name);
|
|
|
05ad79 |
+ return -1;
|
|
|
05ad79 |
+}
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+static char *make_time(int mode, time_t time)
|
|
|
05ad79 |
+{
|
|
|
05ad79 |
+ char *s;
|
|
|
05ad79 |
+ struct tm tm;
|
|
|
05ad79 |
+ char buf[64] = {0};
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ localtime_r(&time, &tm;;
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ switch(mode) {
|
|
|
05ad79 |
+ case TIME_FULL:
|
|
|
05ad79 |
+ asctime_r(&tm, buf);
|
|
|
05ad79 |
+ if (*(s = buf + strlen(buf) - 1) == '\n')
|
|
|
05ad79 |
+ *s = '\0';
|
|
|
05ad79 |
+ break;
|
|
|
05ad79 |
+ case TIME_SHORT:
|
|
|
05ad79 |
+ if (date_is_today(time))
|
|
|
05ad79 |
+ strftime(buf, sizeof(buf), "%H:%M:%S", &tm;;
|
|
|
05ad79 |
+ else if (date_is_thisyear(time))
|
|
|
05ad79 |
+ strftime(buf, sizeof(buf), "%b%d/%H:%M", &tm;;
|
|
|
05ad79 |
+ else
|
|
|
05ad79 |
+ strftime(buf, sizeof(buf), "%Y-%b%d", &tm;;
|
|
|
05ad79 |
+ break;
|
|
|
05ad79 |
+ case TIME_ISO:
|
|
|
05ad79 |
+ strftime(buf, sizeof(buf), "%Y-%m-%dT%H:%M:%S%z", &tm;;
|
|
|
05ad79 |
+ break;
|
|
|
05ad79 |
+ default:
|
|
|
05ad79 |
+ errx(EXIT_FAILURE, _("unsupported time type"));
|
|
|
05ad79 |
+ }
|
|
|
05ad79 |
+ return xstrdup(buf);
|
|
|
05ad79 |
+}
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+static char *uidtostr(uid_t uid)
|
|
|
05ad79 |
+{
|
|
|
05ad79 |
+ char *str_uid = NULL;
|
|
|
05ad79 |
+ xasprintf(&str_uid, "%u", uid);
|
|
|
05ad79 |
+ return str_uid;
|
|
|
05ad79 |
+}
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+static char *gidtostr(gid_t gid)
|
|
|
05ad79 |
+{
|
|
|
05ad79 |
+ char *str_gid = NULL;
|
|
|
05ad79 |
+ xasprintf(&str_gid, "%u", gid);
|
|
|
05ad79 |
+ return str_gid;
|
|
|
05ad79 |
+}
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+static char *build_sgroups_string(gid_t *sgroups, size_t nsgroups, int want_names)
|
|
|
05ad79 |
+{
|
|
|
05ad79 |
+ size_t n = 0, maxlen, len;
|
|
|
05ad79 |
+ char *res, *p;
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ if (!nsgroups)
|
|
|
05ad79 |
+ return NULL;
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ len = maxlen = nsgroups * 10;
|
|
|
05ad79 |
+ res = p = xmalloc(maxlen);
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ while (n < nsgroups) {
|
|
|
05ad79 |
+ int x;
|
|
|
05ad79 |
+again:
|
|
|
05ad79 |
+ if (!want_names)
|
|
|
05ad79 |
+ x = snprintf(p, len, "%u,", sgroups[n]);
|
|
|
05ad79 |
+ else {
|
|
|
05ad79 |
+ struct group *grp = getgrgid(sgroups[n]);
|
|
|
05ad79 |
+ if (!grp) {
|
|
|
05ad79 |
+ free(res);
|
|
|
05ad79 |
+ return NULL;
|
|
|
05ad79 |
+ }
|
|
|
05ad79 |
+ x = snprintf(p, len, "%s,", grp->gr_name);
|
|
|
05ad79 |
+ }
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ if (x < 0 || (size_t) x + 1 > len) {
|
|
|
05ad79 |
+ size_t cur = p - res;
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ maxlen *= 2;
|
|
|
05ad79 |
+ res = xrealloc(res, maxlen);
|
|
|
05ad79 |
+ p = res + cur;
|
|
|
05ad79 |
+ len = maxlen - cur;
|
|
|
05ad79 |
+ goto again;
|
|
|
05ad79 |
+ }
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ len -= x;
|
|
|
05ad79 |
+ p += x;
|
|
|
05ad79 |
+ ++n;
|
|
|
05ad79 |
+ }
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ if (p > res)
|
|
|
05ad79 |
+ *(p - 1) = '\0';
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ return res;
|
|
|
05ad79 |
+}
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+static struct utmp *get_last_wtmp(struct lslogins_control *ctl, const char *username)
|
|
|
05ad79 |
+{
|
|
|
05ad79 |
+ size_t n = 0;
|
|
|
05ad79 |
+ size_t len;
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ if (!username)
|
|
|
05ad79 |
+ return NULL;
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ len = strlen(username);
|
|
|
05ad79 |
+ n = ctl->wtmp_size - 1;
|
|
|
05ad79 |
+ do {
|
|
|
05ad79 |
+ if (!strncmp(username, ctl->wtmp[n].ut_user,
|
|
|
05ad79 |
+ len < UT_NAMESIZE ? len : UT_NAMESIZE))
|
|
|
05ad79 |
+ return ctl->wtmp + n;
|
|
|
05ad79 |
+ } while (n--);
|
|
|
05ad79 |
+ return NULL;
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+}
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+static int require_wtmp(void)
|
|
|
05ad79 |
+{
|
|
|
05ad79 |
+ size_t i;
|
|
|
05ad79 |
+ for (i = 0; i < (size_t) ncolumns; i++)
|
|
|
05ad79 |
+ if (is_wtmp_col(columns[i]))
|
|
|
05ad79 |
+ return 1;
|
|
|
05ad79 |
+ return 0;
|
|
|
05ad79 |
+}
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+static int require_btmp(void)
|
|
|
05ad79 |
+{
|
|
|
05ad79 |
+ size_t i;
|
|
|
05ad79 |
+ for (i = 0; i < (size_t) ncolumns; i++)
|
|
|
05ad79 |
+ if (is_btmp_col(columns[i]))
|
|
|
05ad79 |
+ return 1;
|
|
|
05ad79 |
+ return 0;
|
|
|
05ad79 |
+}
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+static struct utmp *get_last_btmp(struct lslogins_control *ctl, const char *username)
|
|
|
05ad79 |
+{
|
|
|
05ad79 |
+ size_t n = 0;
|
|
|
05ad79 |
+ size_t len;
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ if (!username)
|
|
|
05ad79 |
+ return NULL;
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ len = strlen(username);
|
|
|
05ad79 |
+ n = ctl->btmp_size - 1;
|
|
|
05ad79 |
+ do {
|
|
|
05ad79 |
+ if (!strncmp(username, ctl->btmp[n].ut_user,
|
|
|
05ad79 |
+ len < UT_NAMESIZE ? len : UT_NAMESIZE))
|
|
|
05ad79 |
+ return ctl->btmp + n;
|
|
|
05ad79 |
+ }while (n--);
|
|
|
05ad79 |
+ return NULL;
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+}
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+static int parse_wtmp(struct lslogins_control *ctl, char *path)
|
|
|
05ad79 |
+{
|
|
|
05ad79 |
+ int rc = 0;
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ rc = read_utmp(path, &ctl->wtmp_size, &ctl->wtmp);
|
|
|
05ad79 |
+ if (rc < 0 && errno != EACCES)
|
|
|
05ad79 |
+ err(EXIT_FAILURE, "%s", path);
|
|
|
05ad79 |
+ return rc;
|
|
|
05ad79 |
+}
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+static int parse_btmp(struct lslogins_control *ctl, char *path)
|
|
|
05ad79 |
+{
|
|
|
05ad79 |
+ int rc = 0;
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ rc = read_utmp(path, &ctl->btmp_size, &ctl->btmp);
|
|
|
05ad79 |
+ if (rc < 0 && errno != EACCES)
|
|
|
05ad79 |
+ err(EXIT_FAILURE, "%s", path);
|
|
|
05ad79 |
+ return rc;
|
|
|
05ad79 |
+}
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+static int get_sgroups(gid_t **list, size_t *len, struct passwd *pwd)
|
|
|
05ad79 |
+{
|
|
|
05ad79 |
+ size_t n = 0;
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ *len = 0;
|
|
|
05ad79 |
+ *list = NULL;
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ /* first let's get a supp. group count */
|
|
|
05ad79 |
+ getgrouplist(pwd->pw_name, pwd->pw_gid, *list, (int *) len);
|
|
|
05ad79 |
+ if (!*len)
|
|
|
05ad79 |
+ return -1;
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ *list = xcalloc(1, *len * sizeof(gid_t));
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ /* now for the actual list of GIDs */
|
|
|
05ad79 |
+ if (-1 == getgrouplist(pwd->pw_name, pwd->pw_gid, *list, (int *) len))
|
|
|
05ad79 |
+ return -1;
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ /* getgroups also returns the user's primary GID - dispose of it */
|
|
|
05ad79 |
+ while (n < *len) {
|
|
|
05ad79 |
+ if ((*list)[n] == pwd->pw_gid)
|
|
|
05ad79 |
+ break;
|
|
|
05ad79 |
+ ++n;
|
|
|
05ad79 |
+ }
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ if (*len)
|
|
|
05ad79 |
+ (*list)[n] = (*list)[--(*len)];
|
|
|
05ad79 |
+ return 0;
|
|
|
05ad79 |
+}
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+static int get_nprocs(const uid_t uid)
|
|
|
05ad79 |
+{
|
|
|
05ad79 |
+ int nprocs = 0;
|
|
|
05ad79 |
+ pid_t pid;
|
|
|
05ad79 |
+ struct proc_processes *proc = proc_open_processes();
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ proc_processes_filter_by_uid(proc, uid);
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ while (!proc_next_pid(proc, &pid))
|
|
|
05ad79 |
+ ++nprocs;
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ proc_close_processes(proc);
|
|
|
05ad79 |
+ return nprocs;
|
|
|
05ad79 |
+}
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+static int valid_pwd(const char *str)
|
|
|
05ad79 |
+{
|
|
|
05ad79 |
+ const char *p;
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ for (p = str; p && *p; p++)
|
|
|
05ad79 |
+ if (!isalnum((unsigned int) *p))
|
|
|
05ad79 |
+ return 0;
|
|
|
05ad79 |
+ return p > str ? 1 : 0;
|
|
|
05ad79 |
+}
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+static struct lslogins_user *get_user_info(struct lslogins_control *ctl, const char *username)
|
|
|
05ad79 |
+{
|
|
|
05ad79 |
+ struct lslogins_user *user;
|
|
|
05ad79 |
+ struct passwd *pwd;
|
|
|
05ad79 |
+ struct group *grp;
|
|
|
05ad79 |
+ struct spwd *shadow;
|
|
|
05ad79 |
+ struct utmp *user_wtmp = NULL, *user_btmp = NULL;
|
|
|
05ad79 |
+ int n = 0;
|
|
|
05ad79 |
+ time_t time;
|
|
|
05ad79 |
+ uid_t uid;
|
|
|
05ad79 |
+ errno = 0;
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ pwd = username ? getpwnam(username) : getpwent();
|
|
|
05ad79 |
+ if (!pwd)
|
|
|
05ad79 |
+ return NULL;
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ ctl->uid = uid = pwd->pw_uid;
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ /* nfsnobody is an exception to the UID_MAX limit. This is "nobody" on
|
|
|
05ad79 |
+ * some systems; the decisive point is the UID - 65534 */
|
|
|
05ad79 |
+ if ((lslogins_flag & F_USRAC) &&
|
|
|
05ad79 |
+ strcmp("nfsnobody", pwd->pw_name) != 0 &&
|
|
|
05ad79 |
+ uid != 0) {
|
|
|
05ad79 |
+ if (uid < ctl->UID_MIN || uid > ctl->UID_MAX) {
|
|
|
05ad79 |
+ errno = EAGAIN;
|
|
|
05ad79 |
+ return NULL;
|
|
|
05ad79 |
+ }
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ } else if ((lslogins_flag & F_SYSAC) &&
|
|
|
05ad79 |
+ (uid < ctl->SYS_UID_MIN || uid > ctl->SYS_UID_MAX)) {
|
|
|
05ad79 |
+ errno = EAGAIN;
|
|
|
05ad79 |
+ return NULL;
|
|
|
05ad79 |
+ }
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ user = xcalloc(1, sizeof(struct lslogins_user));
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ grp = getgrgid(pwd->pw_gid);
|
|
|
05ad79 |
+ if (!grp)
|
|
|
05ad79 |
+ return NULL;
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ if (ctl->wtmp)
|
|
|
05ad79 |
+ user_wtmp = get_last_wtmp(ctl, pwd->pw_name);
|
|
|
05ad79 |
+ if (ctl->btmp)
|
|
|
05ad79 |
+ user_btmp = get_last_btmp(ctl, pwd->pw_name);
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ lckpwdf();
|
|
|
05ad79 |
+ shadow = getspnam(pwd->pw_name);
|
|
|
05ad79 |
+ ulckpwdf();
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ /* required by tseach() stuff */
|
|
|
05ad79 |
+ user->uid = pwd->pw_uid;
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ while (n < ncolumns) {
|
|
|
05ad79 |
+ switch (columns[n++]) {
|
|
|
05ad79 |
+ case COL_USER:
|
|
|
05ad79 |
+ user->login = xstrdup(pwd->pw_name);
|
|
|
05ad79 |
+ break;
|
|
|
05ad79 |
+ case COL_UID:
|
|
|
05ad79 |
+ user->uid = pwd->pw_uid;
|
|
|
05ad79 |
+ break;
|
|
|
05ad79 |
+ case COL_GROUP:
|
|
|
05ad79 |
+ user->group = xstrdup(grp->gr_name);
|
|
|
05ad79 |
+ break;
|
|
|
05ad79 |
+ case COL_GID:
|
|
|
05ad79 |
+ user->gid = pwd->pw_gid;
|
|
|
05ad79 |
+ break;
|
|
|
05ad79 |
+ case COL_SGROUPS:
|
|
|
05ad79 |
+ case COL_SGIDS:
|
|
|
05ad79 |
+ if (get_sgroups(&user->sgroups, &user->nsgroups, pwd))
|
|
|
05ad79 |
+ err(EXIT_FAILURE, _("failed to get supplementary groups"));
|
|
|
05ad79 |
+ break;
|
|
|
05ad79 |
+ case COL_HOME:
|
|
|
05ad79 |
+ user->homedir = xstrdup(pwd->pw_dir);
|
|
|
05ad79 |
+ break;
|
|
|
05ad79 |
+ case COL_SHELL:
|
|
|
05ad79 |
+ user->shell = xstrdup(pwd->pw_shell);
|
|
|
05ad79 |
+ break;
|
|
|
05ad79 |
+ case COL_GECOS:
|
|
|
05ad79 |
+ user->gecos = xstrdup(pwd->pw_gecos);
|
|
|
05ad79 |
+ break;
|
|
|
05ad79 |
+ case COL_LAST_LOGIN:
|
|
|
05ad79 |
+ if (user_wtmp) {
|
|
|
05ad79 |
+ time = user_wtmp->ut_tv.tv_sec;
|
|
|
05ad79 |
+ user->last_login = make_time(ctl->time_mode, time);
|
|
|
05ad79 |
+ }
|
|
|
05ad79 |
+ break;
|
|
|
05ad79 |
+ case COL_LAST_TTY:
|
|
|
05ad79 |
+ if (user_wtmp)
|
|
|
05ad79 |
+ user->last_tty = xstrdup(user_wtmp->ut_line);
|
|
|
05ad79 |
+ break;
|
|
|
05ad79 |
+ case COL_LAST_HOSTNAME:
|
|
|
05ad79 |
+ if (user_wtmp)
|
|
|
05ad79 |
+ user->last_hostname = xstrdup(user_wtmp->ut_host);
|
|
|
05ad79 |
+ break;
|
|
|
05ad79 |
+ case COL_FAILED_LOGIN:
|
|
|
05ad79 |
+ if (user_btmp) {
|
|
|
05ad79 |
+ time = user_btmp->ut_tv.tv_sec;
|
|
|
05ad79 |
+ user->failed_login = make_time(ctl->time_mode, time);
|
|
|
05ad79 |
+ }
|
|
|
05ad79 |
+ break;
|
|
|
05ad79 |
+ case COL_FAILED_TTY:
|
|
|
05ad79 |
+ if (user_btmp)
|
|
|
05ad79 |
+ user->failed_tty = xstrdup(user_btmp->ut_line);
|
|
|
05ad79 |
+ break;
|
|
|
05ad79 |
+ case COL_HUSH_STATUS:
|
|
|
05ad79 |
+ user->hushed = get_hushlogin_status(pwd, 0);
|
|
|
05ad79 |
+ if (user->hushed == -1)
|
|
|
05ad79 |
+ user->hushed = STATUS_UNKNOWN;
|
|
|
05ad79 |
+ break;
|
|
|
05ad79 |
+ case COL_PWDEMPTY:
|
|
|
05ad79 |
+ if (shadow) {
|
|
|
05ad79 |
+ if (!*shadow->sp_pwdp) /* '\0' */
|
|
|
05ad79 |
+ user->pwd_empty = STATUS_TRUE;
|
|
|
05ad79 |
+ } else
|
|
|
05ad79 |
+ user->pwd_empty = STATUS_UNKNOWN;
|
|
|
05ad79 |
+ break;
|
|
|
05ad79 |
+ case COL_PWDDENY:
|
|
|
05ad79 |
+ if (shadow) {
|
|
|
05ad79 |
+ if ((*shadow->sp_pwdp == '!' ||
|
|
|
05ad79 |
+ *shadow->sp_pwdp == '*') &&
|
|
|
05ad79 |
+ !valid_pwd(shadow->sp_pwdp + 1))
|
|
|
05ad79 |
+ user->pwd_deny = STATUS_TRUE;
|
|
|
05ad79 |
+ } else
|
|
|
05ad79 |
+ user->pwd_deny = STATUS_UNKNOWN;
|
|
|
05ad79 |
+ break;
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ case COL_PWDLOCK:
|
|
|
05ad79 |
+ if (shadow) {
|
|
|
05ad79 |
+ if (*shadow->sp_pwdp == '!' && valid_pwd(shadow->sp_pwdp + 1))
|
|
|
05ad79 |
+ user->pwd_lock = STATUS_TRUE;
|
|
|
05ad79 |
+ } else
|
|
|
05ad79 |
+ user->pwd_lock = STATUS_UNKNOWN;
|
|
|
05ad79 |
+ break;
|
|
|
05ad79 |
+ case COL_NOLOGIN:
|
|
|
05ad79 |
+ if (strstr(pwd->pw_shell, "nologin"))
|
|
|
05ad79 |
+ user->nologin = 1;
|
|
|
05ad79 |
+ else if (pwd->pw_uid)
|
|
|
05ad79 |
+ user->nologin = access("/etc/nologin", F_OK) == 0 ||
|
|
|
05ad79 |
+ access("/var/run/nologin", F_OK) == 0;
|
|
|
05ad79 |
+ break;
|
|
|
05ad79 |
+ case COL_PWD_WARN:
|
|
|
05ad79 |
+ if (shadow && shadow->sp_warn >= 0)
|
|
|
05ad79 |
+ xasprintf(&user->pwd_warn, "%ld", shadow->sp_warn);
|
|
|
05ad79 |
+ break;
|
|
|
05ad79 |
+ case COL_PWD_EXPIR:
|
|
|
05ad79 |
+ if (shadow && shadow->sp_expire >= 0)
|
|
|
05ad79 |
+ user->pwd_expire = make_time(TIME_SHORT,
|
|
|
05ad79 |
+ shadow->sp_expire * 86400);
|
|
|
05ad79 |
+ break;
|
|
|
05ad79 |
+ case COL_PWD_CTIME:
|
|
|
05ad79 |
+ /* sp_lstchg is specified in days, showing hours
|
|
|
05ad79 |
+ * (especially in non-GMT timezones) would only serve
|
|
|
05ad79 |
+ * to confuse */
|
|
|
05ad79 |
+ if (shadow)
|
|
|
05ad79 |
+ user->pwd_ctime = make_time(TIME_SHORT,
|
|
|
05ad79 |
+ shadow->sp_lstchg * 86400);
|
|
|
05ad79 |
+ break;
|
|
|
05ad79 |
+ case COL_PWD_CTIME_MIN:
|
|
|
05ad79 |
+ if (shadow && shadow->sp_min > 0)
|
|
|
05ad79 |
+ xasprintf(&user->pwd_ctime_min, "%ld", shadow->sp_min);
|
|
|
05ad79 |
+ break;
|
|
|
05ad79 |
+ case COL_PWD_CTIME_MAX:
|
|
|
05ad79 |
+ if (shadow && shadow->sp_max > 0)
|
|
|
05ad79 |
+ xasprintf(&user->pwd_ctime_max, "%ld", shadow->sp_max);
|
|
|
05ad79 |
+ break;
|
|
|
05ad79 |
+ case COL_SELINUX:
|
|
|
05ad79 |
+#ifdef HAVE_LIBSELINUX
|
|
|
05ad79 |
+ if (ctl->selinux_enabled) {
|
|
|
05ad79 |
+ /* typedefs and pointers are pure evil */
|
|
|
05ad79 |
+ security_context_t con = NULL;
|
|
|
05ad79 |
+ if (getcon(&con) == 0)
|
|
|
05ad79 |
+ user->context = con;
|
|
|
05ad79 |
+ }
|
|
|
05ad79 |
+#endif
|
|
|
05ad79 |
+ break;
|
|
|
05ad79 |
+ case COL_NPROCS:
|
|
|
05ad79 |
+ xasprintf(&user->nprocs, "%d", get_nprocs(pwd->pw_uid));
|
|
|
05ad79 |
+ break;
|
|
|
05ad79 |
+ default:
|
|
|
05ad79 |
+ /* something went very wrong here */
|
|
|
05ad79 |
+ err(EXIT_FAILURE, "fatal: unknown error");
|
|
|
05ad79 |
+ break;
|
|
|
05ad79 |
+ }
|
|
|
05ad79 |
+ }
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ return user;
|
|
|
05ad79 |
+}
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+/* some UNIX implementations set errno iff a passwd/grp/...
|
|
|
05ad79 |
+ * entry was not found. The original UNIX logins(1) utility always
|
|
|
05ad79 |
+ * ignores invalid login/group names, so we're going to as well.*/
|
|
|
05ad79 |
+#define IS_REAL_ERRNO(e) !((e) == ENOENT || (e) == ESRCH || \
|
|
|
05ad79 |
+ (e) == EBADF || (e) == EPERM || (e) == EAGAIN)
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+/* get a definitive list of users we want info about... */
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+static int str_to_uint(char *s, unsigned int *ul)
|
|
|
05ad79 |
+{
|
|
|
05ad79 |
+ char *end;
|
|
|
05ad79 |
+ if (!s || !*s)
|
|
|
05ad79 |
+ return -1;
|
|
|
05ad79 |
+ *ul = strtoul(s, &end, 0);
|
|
|
05ad79 |
+ if (!*end)
|
|
|
05ad79 |
+ return 0;
|
|
|
05ad79 |
+ return 1;
|
|
|
05ad79 |
+}
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+static int get_ulist(struct lslogins_control *ctl, char *logins, char *groups)
|
|
|
05ad79 |
+{
|
|
|
05ad79 |
+ char *u, *g;
|
|
|
05ad79 |
+ size_t i = 0, n = 0, *arsiz;
|
|
|
05ad79 |
+ struct group *grp;
|
|
|
05ad79 |
+ struct passwd *pwd;
|
|
|
05ad79 |
+ char ***ar;
|
|
|
05ad79 |
+ uid_t uid;
|
|
|
05ad79 |
+ gid_t gid;
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ ar = &ctl->ulist;
|
|
|
05ad79 |
+ arsiz = &ctl->ulsiz;
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ /* an arbitrary starting value */
|
|
|
05ad79 |
+ *arsiz = 32;
|
|
|
05ad79 |
+ *ar = xcalloc(1, sizeof(char *) * (*arsiz));
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ if (logins) {
|
|
|
05ad79 |
+ while ((u = strtok(logins, ","))) {
|
|
|
05ad79 |
+ logins = NULL;
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ /* user specified by UID? */
|
|
|
05ad79 |
+ if (!str_to_uint(u, &uid)) {
|
|
|
05ad79 |
+ pwd = getpwuid(uid);
|
|
|
05ad79 |
+ if (!pwd)
|
|
|
05ad79 |
+ continue;
|
|
|
05ad79 |
+ u = pwd->pw_name;
|
|
|
05ad79 |
+ }
|
|
|
05ad79 |
+ (*ar)[i++] = xstrdup(u);
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ if (i == *arsiz)
|
|
|
05ad79 |
+ *ar = xrealloc(*ar, sizeof(char *) * (*arsiz += 32));
|
|
|
05ad79 |
+ }
|
|
|
05ad79 |
+ ctl->ulist_on = 1;
|
|
|
05ad79 |
+ }
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ if (groups) {
|
|
|
05ad79 |
+ /* FIXME: this might lead to duplicit entries, although not visible
|
|
|
05ad79 |
+ * in output, crunching a user's info multiple times is very redundant */
|
|
|
05ad79 |
+ while ((g = strtok(groups, ","))) {
|
|
|
05ad79 |
+ n = 0;
|
|
|
05ad79 |
+ groups = NULL;
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ /* user specified by GID? */
|
|
|
05ad79 |
+ if (!str_to_uint(g, &gid))
|
|
|
05ad79 |
+ grp = getgrgid(gid);
|
|
|
05ad79 |
+ else
|
|
|
05ad79 |
+ grp = getgrnam(g);
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ if (!grp)
|
|
|
05ad79 |
+ continue;
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ while ((u = grp->gr_mem[n++])) {
|
|
|
05ad79 |
+ (*ar)[i++] = xstrdup(u);
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ if (i == *arsiz)
|
|
|
05ad79 |
+ *ar = xrealloc(*ar, sizeof(char *) * (*arsiz += 32));
|
|
|
05ad79 |
+ }
|
|
|
05ad79 |
+ }
|
|
|
05ad79 |
+ ctl->ulist_on = 1;
|
|
|
05ad79 |
+ }
|
|
|
05ad79 |
+ *arsiz = i;
|
|
|
05ad79 |
+ return 0;
|
|
|
05ad79 |
+}
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+static void free_ctl(struct lslogins_control *ctl)
|
|
|
05ad79 |
+{
|
|
|
05ad79 |
+ size_t n = 0;
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ free(ctl->wtmp);
|
|
|
05ad79 |
+ free(ctl->btmp);
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ while (n < ctl->ulsiz)
|
|
|
05ad79 |
+ free(ctl->ulist[n++]);
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ free(ctl->ulist);
|
|
|
05ad79 |
+ free(ctl);
|
|
|
05ad79 |
+}
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+static struct lslogins_user *get_next_user(struct lslogins_control *ctl)
|
|
|
05ad79 |
+{
|
|
|
05ad79 |
+ struct lslogins_user *u;
|
|
|
05ad79 |
+ errno = 0;
|
|
|
05ad79 |
+ while (!(u = get_user_info(ctl, NULL))) {
|
|
|
05ad79 |
+ /* no "false" errno-s here, iff we're unable to
|
|
|
05ad79 |
+ * get a valid user entry for any reason, quit */
|
|
|
05ad79 |
+ if (errno == EAGAIN)
|
|
|
05ad79 |
+ continue;
|
|
|
05ad79 |
+ return NULL;
|
|
|
05ad79 |
+ }
|
|
|
05ad79 |
+ return u;
|
|
|
05ad79 |
+}
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+static int get_user(struct lslogins_control *ctl, struct lslogins_user **user,
|
|
|
05ad79 |
+ const char *username)
|
|
|
05ad79 |
+{
|
|
|
05ad79 |
+ *user = get_user_info(ctl, username);
|
|
|
05ad79 |
+ if (!*user && errno)
|
|
|
05ad79 |
+ if (IS_REAL_ERRNO(errno))
|
|
|
05ad79 |
+ return -1;
|
|
|
05ad79 |
+ return 0;
|
|
|
05ad79 |
+}
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+static int cmp_uid(const void *a, const void *b)
|
|
|
05ad79 |
+{
|
|
|
05ad79 |
+ uid_t x = ((struct lslogins_user *)a)->uid;
|
|
|
05ad79 |
+ uid_t z = ((struct lslogins_user *)b)->uid;
|
|
|
05ad79 |
+ return x > z ? 1 : (x < z ? -1 : 0);
|
|
|
05ad79 |
+}
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+static int create_usertree(struct lslogins_control *ctl)
|
|
|
05ad79 |
+{
|
|
|
05ad79 |
+ struct lslogins_user *user = NULL;
|
|
|
05ad79 |
+ size_t n = 0;
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ if (ctl->ulist_on) {
|
|
|
05ad79 |
+ while (n < ctl->ulsiz) {
|
|
|
05ad79 |
+ if (get_user(ctl, &user, ctl->ulist[n]))
|
|
|
05ad79 |
+ return -1;
|
|
|
05ad79 |
+ if (user) /* otherwise an invalid user name has probably been given */
|
|
|
05ad79 |
+ tsearch(user, &ctl->usertree, cmp_uid);
|
|
|
05ad79 |
+ ++n;
|
|
|
05ad79 |
+ }
|
|
|
05ad79 |
+ } else {
|
|
|
05ad79 |
+ while ((user = get_next_user(ctl)))
|
|
|
05ad79 |
+ tsearch(user, &ctl->usertree, cmp_uid);
|
|
|
05ad79 |
+ }
|
|
|
05ad79 |
+ return 0;
|
|
|
05ad79 |
+}
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+static struct libscols_table *setup_table(struct lslogins_control *ctl)
|
|
|
05ad79 |
+{
|
|
|
05ad79 |
+ struct libscols_table *tb = scols_new_table();
|
|
|
05ad79 |
+ int n = 0;
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ if (!tb)
|
|
|
05ad79 |
+ errx(EXIT_FAILURE, _("failed to initialize output table"));
|
|
|
05ad79 |
+ if (ctl->noheadings)
|
|
|
05ad79 |
+ scols_table_enable_noheadings(tb, 1);
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ switch(outmode) {
|
|
|
05ad79 |
+ case OUT_COLON:
|
|
|
05ad79 |
+ scols_table_enable_raw(tb, 1);
|
|
|
05ad79 |
+ scols_table_set_column_separator(tb, ":");
|
|
|
05ad79 |
+ break;
|
|
|
05ad79 |
+ case OUT_NEWLINE:
|
|
|
05ad79 |
+ scols_table_set_column_separator(tb, "\n");
|
|
|
05ad79 |
+ /* fallthrough */
|
|
|
05ad79 |
+ case OUT_EXPORT:
|
|
|
05ad79 |
+ scols_table_enable_export(tb, 1);
|
|
|
05ad79 |
+ break;
|
|
|
05ad79 |
+ case OUT_NUL:
|
|
|
05ad79 |
+ scols_table_set_line_separator(tb, "\0");
|
|
|
05ad79 |
+ /* fallthrough */
|
|
|
05ad79 |
+ case OUT_RAW:
|
|
|
05ad79 |
+ scols_table_enable_raw(tb, 1);
|
|
|
05ad79 |
+ break;
|
|
|
05ad79 |
+ case OUT_PRETTY:
|
|
|
05ad79 |
+ scols_table_enable_noheadings(tb, 1);
|
|
|
05ad79 |
+ default:
|
|
|
05ad79 |
+ break;
|
|
|
05ad79 |
+ }
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ while (n < ncolumns) {
|
|
|
05ad79 |
+ int flags = coldescs[columns[n]].flag;
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ if (ctl->notrunc)
|
|
|
05ad79 |
+ flags &= ~SCOLS_FL_TRUNC;
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ if (!scols_table_new_column(tb,
|
|
|
05ad79 |
+ coldescs[columns[n]].name,
|
|
|
05ad79 |
+ coldescs[columns[n]].whint,
|
|
|
05ad79 |
+ flags))
|
|
|
05ad79 |
+ goto fail;
|
|
|
05ad79 |
+ ++n;
|
|
|
05ad79 |
+ }
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ return tb;
|
|
|
05ad79 |
+fail:
|
|
|
05ad79 |
+ scols_unref_table(tb);
|
|
|
05ad79 |
+ return NULL;
|
|
|
05ad79 |
+}
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+static void fill_table(const void *u, const VISIT which, const int depth __attribute__((unused)))
|
|
|
05ad79 |
+{
|
|
|
05ad79 |
+ struct libscols_line *ln;
|
|
|
05ad79 |
+ struct lslogins_user *user = *(struct lslogins_user **)u;
|
|
|
05ad79 |
+ int n = 0;
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ if (which == preorder || which == endorder)
|
|
|
05ad79 |
+ return;
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ ln = scols_table_new_line(tb, NULL);
|
|
|
05ad79 |
+ while (n < ncolumns) {
|
|
|
05ad79 |
+ int rc = 0;
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ switch (columns[n]) {
|
|
|
05ad79 |
+ case COL_USER:
|
|
|
05ad79 |
+ rc = scols_line_set_data(ln, n, user->login);
|
|
|
05ad79 |
+ break;
|
|
|
05ad79 |
+ case COL_UID:
|
|
|
05ad79 |
+ rc = scols_line_refer_data(ln, n, uidtostr(user->uid));
|
|
|
05ad79 |
+ break;
|
|
|
05ad79 |
+ case COL_PWDEMPTY:
|
|
|
05ad79 |
+ rc = scols_line_set_data(ln, n, get_status(user->pwd_empty));
|
|
|
05ad79 |
+ break;
|
|
|
05ad79 |
+ case COL_NOLOGIN:
|
|
|
05ad79 |
+ rc = scols_line_set_data(ln, n, get_status(user->nologin));
|
|
|
05ad79 |
+ break;
|
|
|
05ad79 |
+ case COL_PWDLOCK:
|
|
|
05ad79 |
+ rc = scols_line_set_data(ln, n, get_status(user->pwd_lock));
|
|
|
05ad79 |
+ break;
|
|
|
05ad79 |
+ case COL_PWDDENY:
|
|
|
05ad79 |
+ rc = scols_line_set_data(ln, n, get_status(user->pwd_deny));
|
|
|
05ad79 |
+ break;
|
|
|
05ad79 |
+ case COL_GROUP:
|
|
|
05ad79 |
+ rc = scols_line_set_data(ln, n, user->group);
|
|
|
05ad79 |
+ break;
|
|
|
05ad79 |
+ case COL_GID:
|
|
|
05ad79 |
+ rc = scols_line_refer_data(ln, n, gidtostr(user->gid));
|
|
|
05ad79 |
+ break;
|
|
|
05ad79 |
+ case COL_SGROUPS:
|
|
|
05ad79 |
+ rc = scols_line_refer_data(ln, n,
|
|
|
05ad79 |
+ build_sgroups_string(user->sgroups,
|
|
|
05ad79 |
+ user->nsgroups,
|
|
|
05ad79 |
+ TRUE));
|
|
|
05ad79 |
+ break;
|
|
|
05ad79 |
+ case COL_SGIDS:
|
|
|
05ad79 |
+ rc = scols_line_refer_data(ln, n,
|
|
|
05ad79 |
+ build_sgroups_string(user->sgroups,
|
|
|
05ad79 |
+ user->nsgroups,
|
|
|
05ad79 |
+ FALSE));
|
|
|
05ad79 |
+ break;
|
|
|
05ad79 |
+ case COL_HOME:
|
|
|
05ad79 |
+ rc = scols_line_set_data(ln, n, user->homedir);
|
|
|
05ad79 |
+ break;
|
|
|
05ad79 |
+ case COL_SHELL:
|
|
|
05ad79 |
+ rc = scols_line_set_data(ln, n, user->shell);
|
|
|
05ad79 |
+ break;
|
|
|
05ad79 |
+ case COL_GECOS:
|
|
|
05ad79 |
+ rc = scols_line_set_data(ln, n, user->gecos);
|
|
|
05ad79 |
+ break;
|
|
|
05ad79 |
+ case COL_LAST_LOGIN:
|
|
|
05ad79 |
+ rc = scols_line_set_data(ln, n, user->last_login);
|
|
|
05ad79 |
+ break;
|
|
|
05ad79 |
+ case COL_LAST_TTY:
|
|
|
05ad79 |
+ rc = scols_line_set_data(ln, n, user->last_tty);
|
|
|
05ad79 |
+ break;
|
|
|
05ad79 |
+ case COL_LAST_HOSTNAME:
|
|
|
05ad79 |
+ rc = scols_line_set_data(ln, n, user->last_hostname);
|
|
|
05ad79 |
+ break;
|
|
|
05ad79 |
+ case COL_FAILED_LOGIN:
|
|
|
05ad79 |
+ rc = scols_line_set_data(ln, n, user->failed_login);
|
|
|
05ad79 |
+ break;
|
|
|
05ad79 |
+ case COL_FAILED_TTY:
|
|
|
05ad79 |
+ rc = scols_line_set_data(ln, n, user->failed_tty);
|
|
|
05ad79 |
+ break;
|
|
|
05ad79 |
+ case COL_HUSH_STATUS:
|
|
|
05ad79 |
+ rc = scols_line_set_data(ln, n, get_status(user->hushed));
|
|
|
05ad79 |
+ break;
|
|
|
05ad79 |
+ case COL_PWD_WARN:
|
|
|
05ad79 |
+ rc = scols_line_set_data(ln, n, user->pwd_warn);
|
|
|
05ad79 |
+ break;
|
|
|
05ad79 |
+ case COL_PWD_EXPIR:
|
|
|
05ad79 |
+ rc = scols_line_set_data(ln, n, user->pwd_expire);
|
|
|
05ad79 |
+ break;
|
|
|
05ad79 |
+ case COL_PWD_CTIME:
|
|
|
05ad79 |
+ rc = scols_line_set_data(ln, n, user->pwd_ctime);
|
|
|
05ad79 |
+ break;
|
|
|
05ad79 |
+ case COL_PWD_CTIME_MIN:
|
|
|
05ad79 |
+ rc = scols_line_set_data(ln, n, user->pwd_ctime_min);
|
|
|
05ad79 |
+ break;
|
|
|
05ad79 |
+ case COL_PWD_CTIME_MAX:
|
|
|
05ad79 |
+ rc = scols_line_set_data(ln, n, user->pwd_ctime_max);
|
|
|
05ad79 |
+ break;
|
|
|
05ad79 |
+ case COL_SELINUX:
|
|
|
05ad79 |
+#ifdef HAVE_LIBSELINUX
|
|
|
05ad79 |
+ rc = scols_line_set_data(ln, n, user->context);
|
|
|
05ad79 |
+#endif
|
|
|
05ad79 |
+ break;
|
|
|
05ad79 |
+ case COL_NPROCS:
|
|
|
05ad79 |
+ rc = scols_line_set_data(ln, n, user->nprocs);
|
|
|
05ad79 |
+ break;
|
|
|
05ad79 |
+ default:
|
|
|
05ad79 |
+ /* something went very wrong here */
|
|
|
05ad79 |
+ err(EXIT_FAILURE, _("internal error: unknown column"));
|
|
|
05ad79 |
+ }
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ if (rc != 0)
|
|
|
05ad79 |
+ err(EXIT_FAILURE, _("failed to set data"));
|
|
|
05ad79 |
+ ++n;
|
|
|
05ad79 |
+ }
|
|
|
05ad79 |
+ return;
|
|
|
05ad79 |
+}
|
|
|
05ad79 |
+#ifdef HAVE_LIBSYSTEMD
|
|
|
05ad79 |
+static void print_journal_tail(const char *journal_path, uid_t uid, size_t len)
|
|
|
05ad79 |
+{
|
|
|
05ad79 |
+ sd_journal *j;
|
|
|
05ad79 |
+ char *match, *buf;
|
|
|
05ad79 |
+ uint64_t x;
|
|
|
05ad79 |
+ time_t t;
|
|
|
05ad79 |
+ const char *identifier, *pid, *message;
|
|
|
05ad79 |
+ size_t identifier_len, pid_len, message_len;
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ if (journal_path)
|
|
|
05ad79 |
+ sd_journal_open_directory(&j, journal_path, 0);
|
|
|
05ad79 |
+ else
|
|
|
05ad79 |
+ sd_journal_open(&j, SD_JOURNAL_LOCAL_ONLY);
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ buf = xmalloc(sizeof(char) * 16);
|
|
|
05ad79 |
+ xasprintf(&match, "_UID=%d", uid);
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ sd_journal_add_match(j, match, 0);
|
|
|
05ad79 |
+ sd_journal_seek_tail(j);
|
|
|
05ad79 |
+ sd_journal_previous_skip(j, len);
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ do {
|
|
|
05ad79 |
+ if (0 > sd_journal_get_data(j, "SYSLOG_IDENTIFIER",
|
|
|
05ad79 |
+ (const void **) &identifier, &identifier_len))
|
|
|
05ad79 |
+ return;
|
|
|
05ad79 |
+ if (0 > sd_journal_get_data(j, "_PID",
|
|
|
05ad79 |
+ (const void **) &pid, &pid_len))
|
|
|
05ad79 |
+ return;
|
|
|
05ad79 |
+ if (0 > sd_journal_get_data(j, "MESSAGE",
|
|
|
05ad79 |
+ (const void **) &message, &message_len))
|
|
|
05ad79 |
+ return;
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ sd_journal_get_realtime_usec(j, &x);
|
|
|
05ad79 |
+ t = x / 1000000;
|
|
|
05ad79 |
+ strftime(buf, 16, "%b %d %H:%M:%S", localtime(&t);;
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ fprintf(stdout, "%s", buf);
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ identifier = strchr(identifier, '=') + 1;
|
|
|
05ad79 |
+ pid = strchr(pid, '=') + 1 ;
|
|
|
05ad79 |
+ message = strchr(message, '=') + 1;
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ fprintf(stdout, " %s", identifier);
|
|
|
05ad79 |
+ fprintf(stdout, "[%s]:", pid);
|
|
|
05ad79 |
+ fprintf(stdout, "%s\n", message);
|
|
|
05ad79 |
+ } while (sd_journal_next(j));
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ free(buf);
|
|
|
05ad79 |
+ free(match);
|
|
|
05ad79 |
+ sd_journal_flush_matches(j);
|
|
|
05ad79 |
+ sd_journal_close(j);
|
|
|
05ad79 |
+}
|
|
|
05ad79 |
+#endif
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+static int print_pretty(struct libscols_table *tb)
|
|
|
05ad79 |
+{
|
|
|
05ad79 |
+ struct libscols_iter *itr = scols_new_iter(SCOLS_ITER_FORWARD);
|
|
|
05ad79 |
+ struct libscols_column *col;
|
|
|
05ad79 |
+ struct libscols_cell *data;
|
|
|
05ad79 |
+ struct libscols_line *ln;
|
|
|
05ad79 |
+ const char *hstr, *dstr;
|
|
|
05ad79 |
+ int n = 0;
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ ln = scols_table_get_line(tb, 0);
|
|
|
05ad79 |
+ while (!scols_table_next_column(tb, itr, &col)) {
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ data = scols_line_get_cell(ln, n);
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ hstr = _(coldescs[columns[n]].pretty_name);
|
|
|
05ad79 |
+ dstr = scols_cell_get_data(data);
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ if (dstr)
|
|
|
05ad79 |
+ printf("%s:%*c%-36s\n", hstr, 35 - (int)strlen(hstr), ' ', dstr);
|
|
|
05ad79 |
+ ++n;
|
|
|
05ad79 |
+ }
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ scols_free_iter(itr);
|
|
|
05ad79 |
+ return 0;
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+}
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+static int print_user_table(struct lslogins_control *ctl)
|
|
|
05ad79 |
+{
|
|
|
05ad79 |
+ tb = setup_table(ctl);
|
|
|
05ad79 |
+ if (!tb)
|
|
|
05ad79 |
+ return -1;
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ twalk(ctl->usertree, fill_table);
|
|
|
05ad79 |
+ if (outmode == OUT_PRETTY) {
|
|
|
05ad79 |
+ print_pretty(tb);
|
|
|
05ad79 |
+#ifdef HAVE_LIBSYSTEMD
|
|
|
05ad79 |
+ fprintf(stdout, _("\nLast logs:\n"));
|
|
|
05ad79 |
+ print_journal_tail(ctl->journal_path, ctl->uid, 3);
|
|
|
05ad79 |
+ fputc('\n', stdout);
|
|
|
05ad79 |
+#endif
|
|
|
05ad79 |
+ } else
|
|
|
05ad79 |
+ scols_print_table(tb);
|
|
|
05ad79 |
+ return 0;
|
|
|
05ad79 |
+}
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+static void free_user(void *f)
|
|
|
05ad79 |
+{
|
|
|
05ad79 |
+ struct lslogins_user *u = f;
|
|
|
05ad79 |
+ free(u->login);
|
|
|
05ad79 |
+ free(u->group);
|
|
|
05ad79 |
+ free(u->gecos);
|
|
|
05ad79 |
+ free(u->sgroups);
|
|
|
05ad79 |
+ free(u->pwd_ctime);
|
|
|
05ad79 |
+ free(u->pwd_warn);
|
|
|
05ad79 |
+ free(u->pwd_ctime_min);
|
|
|
05ad79 |
+ free(u->pwd_ctime_max);
|
|
|
05ad79 |
+ free(u->last_login);
|
|
|
05ad79 |
+ free(u->last_tty);
|
|
|
05ad79 |
+ free(u->last_hostname);
|
|
|
05ad79 |
+ free(u->failed_login);
|
|
|
05ad79 |
+ free(u->failed_tty);
|
|
|
05ad79 |
+ free(u->homedir);
|
|
|
05ad79 |
+ free(u->shell);
|
|
|
05ad79 |
+ free(u->pwd_status);
|
|
|
05ad79 |
+#ifdef HAVE_LIBSELINUX
|
|
|
05ad79 |
+ freecon(u->context);
|
|
|
05ad79 |
+#endif
|
|
|
05ad79 |
+ free(u);
|
|
|
05ad79 |
+}
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+struct lslogins_timefmt {
|
|
|
05ad79 |
+ const char *name;
|
|
|
05ad79 |
+ int val;
|
|
|
05ad79 |
+};
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+static struct lslogins_timefmt timefmts[] = {
|
|
|
05ad79 |
+ { "short", TIME_SHORT },
|
|
|
05ad79 |
+ { "full", TIME_FULL },
|
|
|
05ad79 |
+ { "iso", TIME_ISO },
|
|
|
05ad79 |
+};
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+static void __attribute__((__noreturn__)) usage(FILE *out)
|
|
|
05ad79 |
+{
|
|
|
05ad79 |
+ size_t i;
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ fputs(USAGE_HEADER, out);
|
|
|
05ad79 |
+ fprintf(out, _(" %s [options]\n"), program_invocation_short_name);
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ fputs(USAGE_OPTIONS, out);
|
|
|
05ad79 |
+ fputs(_(" -a, --acc-expiration display info about passwords expiration\n"), out);
|
|
|
05ad79 |
+ fputs(_(" -c, --colon-separate display data in a format similar to /etc/passwd\n"), out);
|
|
|
05ad79 |
+ fputs(_(" -e, --export display in an export-able output format\n"), out);
|
|
|
05ad79 |
+ fputs(_(" -f, --failed display data about the users' last failed logins\n"), out);
|
|
|
05ad79 |
+ fputs(_(" -G, --groups-info display information about groups\n"), out);
|
|
|
05ad79 |
+ fputs(_(" -g, --groups=<groups> display users belonging to a group in <groups>\n"), out);
|
|
|
05ad79 |
+ fputs(_(" -L, --last show info about the users' last login sessions\n"), out);
|
|
|
05ad79 |
+ fputs(_(" -l, --logins=<logins> display only users from <logins>\n"), out);
|
|
|
05ad79 |
+ fputs(_(" -m, --supp-groups display supplementary groups as well\n"), out);
|
|
|
05ad79 |
+ fputs(_(" -n, --newline display each piece of information on a new line\n"), out);
|
|
|
05ad79 |
+ fputs(_(" --noheadings don't print headings\n"), out);
|
|
|
05ad79 |
+ fputs(_(" --notruncate don't truncate output\n"), out);
|
|
|
05ad79 |
+ fputs(_(" -o, --output[=<list>] define the columns to output\n"), out);
|
|
|
05ad79 |
+ fputs(_(" -p, --pwd display information related to login by password.\n"), out);
|
|
|
05ad79 |
+ fputs(_(" -r, --raw display in raw mode\n"), out);
|
|
|
05ad79 |
+ fputs(_(" -s, --system-accs display system accounts\n"), out);
|
|
|
05ad79 |
+ fputs(_(" --time-format=<type> display dates in short, full or iso format\n"), out);
|
|
|
05ad79 |
+ fputs(_(" -u, --user-accs display user accounts\n"), out);
|
|
|
05ad79 |
+ fputs(_(" -Z, --context display SELinux contexts\n"), out);
|
|
|
05ad79 |
+ fputs(_(" -z, --print0 delimit user entries with a nul character\n"), out);
|
|
|
05ad79 |
+ fputs(_(" --wtmp-file <path> set an alternate path for wtmp\n"), out);
|
|
|
05ad79 |
+ fputs(_(" --btmp-file <path> set an alternate path for btmp\n"), out);
|
|
|
05ad79 |
+ fputs(USAGE_SEPARATOR, out);
|
|
|
05ad79 |
+ fputs(USAGE_HELP, out);
|
|
|
05ad79 |
+ fputs(USAGE_VERSION, out);
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ fprintf(out, _("\nAvailable columns:\n"));
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ for (i = 0; i < ARRAY_SIZE(coldescs); i++)
|
|
|
05ad79 |
+ fprintf(out, " %14s %s\n", coldescs[i].name,
|
|
|
05ad79 |
+ _(coldescs[i].help));
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ fprintf(out, _("\nFor more details see lslogins(1).\n"));
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ exit(out == stderr ? EXIT_FAILURE : EXIT_SUCCESS);
|
|
|
05ad79 |
+}
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+int main(int argc, char *argv[])
|
|
|
05ad79 |
+{
|
|
|
05ad79 |
+ int c, opt_o = 0;
|
|
|
05ad79 |
+ char *logins = NULL, *groups = NULL;
|
|
|
05ad79 |
+ char *path_wtmp = _PATH_WTMP, *path_btmp = _PATH_BTMP;
|
|
|
05ad79 |
+ struct lslogins_control *ctl = xcalloc(1, sizeof(struct lslogins_control));
|
|
|
05ad79 |
+ size_t i;
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ /* long only options. */
|
|
|
05ad79 |
+ enum {
|
|
|
05ad79 |
+ OPT_VER = CHAR_MAX + 1,
|
|
|
05ad79 |
+ OPT_WTMP,
|
|
|
05ad79 |
+ OPT_BTMP,
|
|
|
05ad79 |
+ OPT_NOTRUNC,
|
|
|
05ad79 |
+ OPT_NOHEAD,
|
|
|
05ad79 |
+ OPT_TIME_FMT,
|
|
|
05ad79 |
+ };
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ static const struct option longopts[] = {
|
|
|
05ad79 |
+ { "acc-expiration", no_argument, 0, 'a' },
|
|
|
05ad79 |
+ { "colon-separate", no_argument, 0, 'c' },
|
|
|
05ad79 |
+ { "export", no_argument, 0, 'e' },
|
|
|
05ad79 |
+ { "failed", no_argument, 0, 'f' },
|
|
|
05ad79 |
+ { "groups", required_argument, 0, 'g' },
|
|
|
05ad79 |
+ { "help", no_argument, 0, 'h' },
|
|
|
05ad79 |
+ { "logins", required_argument, 0, 'l' },
|
|
|
05ad79 |
+ { "supp-groups", no_argument, 0, 'G' },
|
|
|
05ad79 |
+ { "newline", no_argument, 0, 'n' },
|
|
|
05ad79 |
+ { "notruncate", no_argument, 0, OPT_NOTRUNC },
|
|
|
05ad79 |
+ { "noheadings", no_argument, 0, OPT_NOHEAD },
|
|
|
05ad79 |
+ { "output", required_argument, 0, 'o' },
|
|
|
05ad79 |
+ { "last", no_argument, 0, 'L', },
|
|
|
05ad79 |
+ { "raw", no_argument, 0, 'r' },
|
|
|
05ad79 |
+ { "system-accs", no_argument, 0, 's' },
|
|
|
05ad79 |
+ { "time-format", required_argument, 0, OPT_TIME_FMT },
|
|
|
05ad79 |
+ { "user-accs", no_argument, 0, 'u' },
|
|
|
05ad79 |
+ { "version", no_argument, 0, 'V' },
|
|
|
05ad79 |
+ { "pwd", no_argument, 0, 'p' },
|
|
|
05ad79 |
+ { "print0", no_argument, 0, 'z' },
|
|
|
05ad79 |
+ { "wtmp-file", required_argument, 0, OPT_WTMP },
|
|
|
05ad79 |
+ { "btmp-file", required_argument, 0, OPT_BTMP },
|
|
|
05ad79 |
+#ifdef HAVE_LIBSELINUX
|
|
|
05ad79 |
+ { "context", no_argument, 0, 'Z' },
|
|
|
05ad79 |
+#endif
|
|
|
05ad79 |
+ { NULL, 0, 0, 0 }
|
|
|
05ad79 |
+ };
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ static const ul_excl_t excl[] = { /* rows and cols in ASCII order */
|
|
|
05ad79 |
+ { 'G', 'o' },
|
|
|
05ad79 |
+ { 'L', 'o' },
|
|
|
05ad79 |
+ { 'Z', 'o' },
|
|
|
05ad79 |
+ { 'a', 'o' },
|
|
|
05ad79 |
+ { 'c','n','r','z' },
|
|
|
05ad79 |
+ { 'o', 'p' },
|
|
|
05ad79 |
+ { 0 }
|
|
|
05ad79 |
+ };
|
|
|
05ad79 |
+ int excl_st[ARRAY_SIZE(excl)] = UL_EXCL_STATUS_INIT;
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ setlocale(LC_ALL, "");
|
|
|
05ad79 |
+ bindtextdomain(PACKAGE, LOCALEDIR);
|
|
|
05ad79 |
+ textdomain(PACKAGE);
|
|
|
05ad79 |
+ atexit(close_stdout);
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ ctl->time_mode = TIME_SHORT;
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ /* very basic default */
|
|
|
05ad79 |
+ add_column(columns, ncolumns++, COL_UID);
|
|
|
05ad79 |
+ add_column(columns, ncolumns++, COL_USER);
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ while ((c = getopt_long(argc, argv, "acfGg:hLl:no:prsuVxzZ",
|
|
|
05ad79 |
+ longopts, NULL)) != -1) {
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ err_exclusive_options(c, longopts, excl, excl_st);
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ switch (c) {
|
|
|
05ad79 |
+ case 'a':
|
|
|
05ad79 |
+ add_column(columns, ncolumns++, COL_PWD_WARN);
|
|
|
05ad79 |
+ add_column(columns, ncolumns++, COL_PWD_CTIME_MIN);
|
|
|
05ad79 |
+ add_column(columns, ncolumns++, COL_PWD_CTIME_MAX);
|
|
|
05ad79 |
+ add_column(columns, ncolumns++, COL_PWD_CTIME);
|
|
|
05ad79 |
+ add_column(columns, ncolumns++, COL_PWD_EXPIR);
|
|
|
05ad79 |
+ break;
|
|
|
05ad79 |
+ case 'c':
|
|
|
05ad79 |
+ outmode = OUT_COLON;
|
|
|
05ad79 |
+ break;
|
|
|
05ad79 |
+ case 'e':
|
|
|
05ad79 |
+ outmode = OUT_EXPORT;
|
|
|
05ad79 |
+ break;
|
|
|
05ad79 |
+ case 'f':
|
|
|
05ad79 |
+ add_column(columns, ncolumns++, COL_FAILED_LOGIN);
|
|
|
05ad79 |
+ add_column(columns, ncolumns++, COL_FAILED_TTY);
|
|
|
05ad79 |
+ break;
|
|
|
05ad79 |
+ case 'G':
|
|
|
05ad79 |
+ add_column(columns, ncolumns++, COL_GID);
|
|
|
05ad79 |
+ add_column(columns, ncolumns++, COL_GROUP);
|
|
|
05ad79 |
+ add_column(columns, ncolumns++, COL_SGIDS);
|
|
|
05ad79 |
+ add_column(columns, ncolumns++, COL_SGROUPS);
|
|
|
05ad79 |
+ break;
|
|
|
05ad79 |
+ case 'g':
|
|
|
05ad79 |
+ groups = optarg;
|
|
|
05ad79 |
+ break;
|
|
|
05ad79 |
+ case 'h':
|
|
|
05ad79 |
+ usage(stdout);
|
|
|
05ad79 |
+ break;
|
|
|
05ad79 |
+ case 'L':
|
|
|
05ad79 |
+ add_column(columns, ncolumns++, COL_LAST_TTY);
|
|
|
05ad79 |
+ add_column(columns, ncolumns++, COL_LAST_HOSTNAME);
|
|
|
05ad79 |
+ add_column(columns, ncolumns++, COL_LAST_LOGIN);
|
|
|
05ad79 |
+ break;
|
|
|
05ad79 |
+ case 'l':
|
|
|
05ad79 |
+ logins = optarg;
|
|
|
05ad79 |
+ break;
|
|
|
05ad79 |
+ case 'n':
|
|
|
05ad79 |
+ outmode = OUT_NEWLINE;
|
|
|
05ad79 |
+ break;
|
|
|
05ad79 |
+ case 'o':
|
|
|
05ad79 |
+ if (optarg) {
|
|
|
05ad79 |
+ if (*optarg == '=')
|
|
|
05ad79 |
+ optarg++;
|
|
|
05ad79 |
+ ncolumns = string_to_idarray(optarg,
|
|
|
05ad79 |
+ columns, ARRAY_SIZE(columns),
|
|
|
05ad79 |
+ column_name_to_id);
|
|
|
05ad79 |
+ if (ncolumns < 0)
|
|
|
05ad79 |
+ return EXIT_FAILURE;
|
|
|
05ad79 |
+ }
|
|
|
05ad79 |
+ opt_o = 1;
|
|
|
05ad79 |
+ break;
|
|
|
05ad79 |
+ case 'r':
|
|
|
05ad79 |
+ outmode = OUT_RAW;
|
|
|
05ad79 |
+ break;
|
|
|
05ad79 |
+ case 's':
|
|
|
05ad79 |
+ ctl->SYS_UID_MIN = getlogindefs_num("SYS_UID_MIN", UL_SYS_UID_MIN);
|
|
|
05ad79 |
+ ctl->SYS_UID_MAX = getlogindefs_num("SYS_UID_MAX", UL_SYS_UID_MAX);
|
|
|
05ad79 |
+ lslogins_flag |= F_SYSAC;
|
|
|
05ad79 |
+ break;
|
|
|
05ad79 |
+ case 'u':
|
|
|
05ad79 |
+ ctl->UID_MIN = getlogindefs_num("UID_MIN", UL_UID_MIN);
|
|
|
05ad79 |
+ ctl->UID_MAX = getlogindefs_num("UID_MAX", UL_UID_MAX);
|
|
|
05ad79 |
+ lslogins_flag |= F_USRAC;
|
|
|
05ad79 |
+ break;
|
|
|
05ad79 |
+ case 'p':
|
|
|
05ad79 |
+ add_column(columns, ncolumns++, COL_PWDEMPTY);
|
|
|
05ad79 |
+ add_column(columns, ncolumns++, COL_PWDLOCK);
|
|
|
05ad79 |
+ add_column(columns, ncolumns++, COL_PWDDENY);
|
|
|
05ad79 |
+ add_column(columns, ncolumns++, COL_NOLOGIN);
|
|
|
05ad79 |
+ add_column(columns, ncolumns++, COL_HUSH_STATUS);
|
|
|
05ad79 |
+ break;
|
|
|
05ad79 |
+ case 'z':
|
|
|
05ad79 |
+ outmode = OUT_NUL;
|
|
|
05ad79 |
+ break;
|
|
|
05ad79 |
+ case OPT_WTMP:
|
|
|
05ad79 |
+ path_wtmp = optarg;
|
|
|
05ad79 |
+ break;
|
|
|
05ad79 |
+ case OPT_BTMP:
|
|
|
05ad79 |
+ path_btmp = optarg;
|
|
|
05ad79 |
+ break;
|
|
|
05ad79 |
+ case OPT_NOTRUNC:
|
|
|
05ad79 |
+ ctl->notrunc = 1;
|
|
|
05ad79 |
+ break;
|
|
|
05ad79 |
+ case OPT_NOHEAD:
|
|
|
05ad79 |
+ ctl->noheadings = 1;
|
|
|
05ad79 |
+ break;
|
|
|
05ad79 |
+ case OPT_TIME_FMT:
|
|
|
05ad79 |
+ {
|
|
|
05ad79 |
+ size_t i;
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ for (i = 0; i < ARRAY_SIZE(timefmts); i++) {
|
|
|
05ad79 |
+ if (strcmp(timefmts[i].name, optarg) == 0) {
|
|
|
05ad79 |
+ ctl->time_mode = timefmts[i].val;
|
|
|
05ad79 |
+ break;
|
|
|
05ad79 |
+ }
|
|
|
05ad79 |
+ }
|
|
|
05ad79 |
+ if (ctl->time_mode == TIME_INVALID)
|
|
|
05ad79 |
+ usage(stderr);
|
|
|
05ad79 |
+ }
|
|
|
05ad79 |
+ break;
|
|
|
05ad79 |
+ case 'V':
|
|
|
05ad79 |
+ printf(UTIL_LINUX_VERSION);
|
|
|
05ad79 |
+ return EXIT_SUCCESS;
|
|
|
05ad79 |
+ case 'Z':
|
|
|
05ad79 |
+ {
|
|
|
05ad79 |
+#ifdef HAVE_LIBSELINUX
|
|
|
05ad79 |
+ int sl = is_selinux_enabled();
|
|
|
05ad79 |
+ if (sl < 0)
|
|
|
05ad79 |
+ warn(_("failed to request selinux state"));
|
|
|
05ad79 |
+ else
|
|
|
05ad79 |
+ ctl->selinux_enabled = sl == 1;
|
|
|
05ad79 |
+#endif
|
|
|
05ad79 |
+ add_column(columns, ncolumns++, COL_SELINUX);
|
|
|
05ad79 |
+ break;
|
|
|
05ad79 |
+ }
|
|
|
05ad79 |
+ default:
|
|
|
05ad79 |
+ usage(stderr);
|
|
|
05ad79 |
+ }
|
|
|
05ad79 |
+ }
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ if (argc - optind == 1) {
|
|
|
05ad79 |
+ if (strchr(argv[optind], ','))
|
|
|
05ad79 |
+ errx(EXIT_FAILURE, _("Only one user may be specified. Use -l for multiple users."));
|
|
|
05ad79 |
+ logins = argv[optind];
|
|
|
05ad79 |
+ outmode = OUT_PRETTY;
|
|
|
05ad79 |
+ } else if (argc != optind)
|
|
|
05ad79 |
+ usage(stderr);
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ scols_init_debug(0);
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ /* lslogins -u -s == lslogins */
|
|
|
05ad79 |
+ if (lslogins_flag & F_USRAC && lslogins_flag & F_SYSAC)
|
|
|
05ad79 |
+ lslogins_flag &= ~(F_USRAC | F_SYSAC);
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ if (outmode == OUT_PRETTY && !opt_o) {
|
|
|
05ad79 |
+ /* all columns for lslogins <username> */
|
|
|
05ad79 |
+ for (ncolumns = 0, i = 0; i < ARRAY_SIZE(coldescs); i++)
|
|
|
05ad79 |
+ columns[ncolumns++] = i;
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ } else if (ncolumns == 2 && !opt_o) {
|
|
|
05ad79 |
+ /* default colummns */
|
|
|
05ad79 |
+ add_column(columns, ncolumns++, COL_NPROCS);
|
|
|
05ad79 |
+ add_column(columns, ncolumns++, COL_PWDLOCK);
|
|
|
05ad79 |
+ add_column(columns, ncolumns++, COL_PWDDENY);
|
|
|
05ad79 |
+ add_column(columns, ncolumns++, COL_LAST_LOGIN);
|
|
|
05ad79 |
+ add_column(columns, ncolumns++, COL_GECOS);
|
|
|
05ad79 |
+ }
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ if (require_wtmp())
|
|
|
05ad79 |
+ parse_wtmp(ctl, path_wtmp);
|
|
|
05ad79 |
+ if (require_btmp())
|
|
|
05ad79 |
+ parse_btmp(ctl, path_btmp);
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ if (logins || groups)
|
|
|
05ad79 |
+ get_ulist(ctl, logins, groups);
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ if (create_usertree(ctl))
|
|
|
05ad79 |
+ return EXIT_FAILURE;
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ print_user_table(ctl);
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ scols_unref_table(tb);
|
|
|
05ad79 |
+ tdestroy(ctl->usertree, free_user);
|
|
|
05ad79 |
+ free_ctl(ctl);
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+ return EXIT_SUCCESS;
|
|
|
05ad79 |
+}
|
|
|
05ad79 |
diff -up util-linux-2.23.2/login-utils/Makemodule.am.kzak util-linux-2.23.2/login-utils/Makemodule.am
|
|
|
05ad79 |
--- util-linux-2.23.2/login-utils/Makemodule.am.kzak 2013-06-13 09:46:10.441650801 +0200
|
|
|
05ad79 |
+++ util-linux-2.23.2/login-utils/Makemodule.am 2014-12-12 15:28:30.576177139 +0100
|
|
|
05ad79 |
@@ -145,6 +145,25 @@ endif
|
|
|
05ad79 |
endif # BUILD_NEWGRP
|
|
|
05ad79 |
|
|
|
05ad79 |
|
|
|
05ad79 |
+if BUILD_LSLOGINS
|
|
|
05ad79 |
+usrbin_exec_PROGRAMS += lslogins
|
|
|
05ad79 |
+dist_man_MANS += login-utils/lslogins.1
|
|
|
05ad79 |
+lslogins_SOURCES = \
|
|
|
05ad79 |
+ login-utils/lslogins.c \
|
|
|
05ad79 |
+ login-utils/logindefs.c \
|
|
|
05ad79 |
+ login-utils/logindefs.h
|
|
|
05ad79 |
+lslogins_LDADD = $(LDADD) libcommon.la libsmartcols.la
|
|
|
05ad79 |
+lslogins_CFLAGS = $(AM_CFLAGS) -I$(ul_libsmartcols_incdir)
|
|
|
05ad79 |
+if HAVE_SELINUX
|
|
|
05ad79 |
+lslogins_LDADD += -lselinux
|
|
|
05ad79 |
+endif
|
|
|
05ad79 |
+if HAVE_SYSTEMD
|
|
|
05ad79 |
+lslogins_LDADD += $(SYSTEMD_LIBS) $(SYSTEMD_JOURNAL_LIBS)
|
|
|
05ad79 |
+lslogins_CFLAGS += $(SYSTEMD_CFLAGS) $(SYSTEMD_JOURNAL_CFLAGS)
|
|
|
05ad79 |
+endif
|
|
|
05ad79 |
+endif # BUILD_LSLOGINS
|
|
|
05ad79 |
+
|
|
|
05ad79 |
+
|
|
|
05ad79 |
if BUILD_VIPW
|
|
|
05ad79 |
usrsbin_exec_PROGRAMS += vipw
|
|
|
05ad79 |
dist_man_MANS += \
|