From petefrench@ticketswitch.com  Fri Nov  2 20:14:03 2007
Return-Path: <petefrench@ticketswitch.com>
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 7D4CE16A469
	for <FreeBSD-gnats-submit@freebsd.org>; Fri,  2 Nov 2007 20:14:03 +0000 (UTC)
	(envelope-from petefrench@ticketswitch.com)
Received: from angel.ticketswitch.com (angel.ticketswitch.com [IPv6:2002:57e0:1d4e::1])
	by mx1.freebsd.org (Postfix) with ESMTP id 3DFB313C4A7
	for <FreeBSD-gnats-submit@freebsd.org>; Fri,  2 Nov 2007 20:14:03 +0000 (UTC)
	(envelope-from petefrench@ticketswitch.com)
Received: from smaug.rattatosk ([10.50.50.2])
	by angel.ticketswitch.com with esmtps (TLSv1:AES256-SHA:256)
	(Exim 4.67 (FreeBSD))
	(envelope-from <petefrench@ticketswitch.com>)
	id 1InydH-0002pW-Ro
	for FreeBSD-gnats-submit@freebsd.org; Fri, 02 Nov 2007 15:40:27 +0000
Received: from dilbert.rattatosk ([10.50.50.6] helo=dilbert.ticketswitch.com)
	by smaug.rattatosk with esmtp (Exim 4.67 (FreeBSD))
	(envelope-from <petefrench@ticketswitch.com>)
	id 1InydH-000PUN-Pg
	for FreeBSD-gnats-submit@freebsd.org; Fri, 02 Nov 2007 15:40:27 +0000
Received: from petefrench by dilbert.ticketswitch.com with local (Exim 4.68 (FreeBSD))
	(envelope-from <petefrench@ticketswitch.com>)
	id 1InydH-0004qg-OL
	for FreeBSD-gnats-submit@freebsd.org; Fri, 02 Nov 2007 15:40:27 +0000
Message-Id: <E1InydH-0004qg-OL@dilbert.ticketswitch.com>
Date: Fri, 02 Nov 2007 15:40:27 +0000
From: Pete French <petefrench@ticketswitch.com>
Reply-To: Pete French <petefrench@ticketswitch.com>
To: FreeBSD-gnats-submit@freebsd.org
Cc:
Subject: 'w -n' still dispalys names for IPv6 connections
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         117773
>Category:       bin
>Synopsis:       w(1): 'w -n' still displays names for IPv6 connections, not numbers
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Fri Nov 02 20:20:01 UTC 2007
>Closed-Date:    Fri Nov 21 04:08:37 UTC 2008
>Last-Modified:  Fri Nov 21 04:08:37 UTC 2008
>Originator:     Pete French
>Release:        FreeBSD 6.3-PRERELEASE i386
>Organization:
TicketSwitch Ltd
>Environment:
System: FreeBSD dilbert.rattatosk 6.3-PRERELEASE FreeBSD 6.3-PRERELEASE #0: Fri Nov 2 12:44:50 GMT 2007 petefrench@dilbert.rattatosk:/usr/obj/usr/src/sys/DILBERT i386


>Description:

	Login to a machine over ssh or telnet. Typing 'w' shows the logged
	in users, along with the machine they are logging in from. Typing
	'w -n' should give the same information, but without resolving the
	IP addresses to names. This works for IPv4 connections, but not for
	IPv6

>How-To-Repeat:

	Login over an IPv6 connection and observe the output of 'w -n'
	compared to logging in over IPv4
>Fix:
>Release-Note:
>Audit-Trail:

From: bob <bob@norcalttora.com>
To: bug-followup@FreeBSD.org, petefrench@ticketswitch.com
Cc:  
Subject: Re: bin/117773: 'w -n' still dispalys names for IPv6 connections
Date: Thu, 8 Nov 2007 6:34:41 -0800

 I tried reproducing this bug hoping to be able to fix it but had a
 little bit of trouble reproducing it. From what I can see on RELENG_7
 and RELENG_6 the -n flag will work the same way for IPv4 and IPv6. In
 the case that -n is set w(1) just reads from /var/run/utmp and basically
 dumps the address that's written there.
 
 On my machine I'm seeing IPv6 addresses being written into /var/run/utmp
 and w(1) is working as designed. If I ssh to ::1 or 127.0.0.1 then
 localhost is written to /var/run/utmp and `w -n` prints localhost even
 though I said -n.
 
 I'm wondering if you can share part of your utmp file to verify that the
 hostname is being written in to that file rather than the IPv6 address?
 
 If there is a bug here I believe that it's in whatever writes to
 /var/run/utmp, not w(1).
 
 -Bob

From: Bob Van Zant <bob@veznat.com>
To: bug-followup@FreeBSD.org,
 petefrench@ticketswitch.com
Cc:  
Subject: Re: bin/117773: 'w -n' still dispalys names for IPv6 connections
Date: Tue, 13 Nov 2007 00:18:03 +0530

 I did manage to repro this and have found that what's in /var/run/utmp  
 contains the hostname of the connected host, not the IP (or IPv6)  
 address.
 
 I think pam_lastlog is what keeps utmp current and this comes from  
 pam_lastlog.c::pam_sm_open_session(). The IP address that should be  
 written comes in via pam_handle_t.
 
 It appears that pam_lastlog.c simply dumps whatever comes in for  
 PAM_RHOST. Digging down into openpam we see that PAM_RHOST is "The  
 name of the applicant's host."
 
 Falling back up into OpenSSH's auth-pam.c we see that it sets  
 PAM_RHOST to the remote name or IP (get_remote_name_or_ip()). So this  
 sets up pam_lastlog to log the hostname if it knows it and only if it  
 can't find the reverse name it logs the IP.
 
 The gist of this is, quite simply, that what's in /var/run/utmp is  
 correct. It is supposed to be the hostname, if known and otherwise the  
 IP address.
 
 w(1) -n does exactly what it's supposed to: it does "not attempt to  
 resolve network addresses." So rest assured that no reverse DNS  
 queries are being done even though hostnames are showing up.
 
 All of that said I believe this bug can be closed without doing any  
 work.
 
 -Bob
 

From: Pete French <petefrench@ticketswitch.com>
To: bob@norcalttora.com, bug-followup@FreeBSD.org
Cc:  
Subject: Re: bin/117773: 'w -n' still dispalys names for IPv6 connections
Date: Sat, 08 Dec 2007 13:29:48 +0000

 > I tried reproducing this bug hoping to be able to fix it but had
 > a little bit of trouble reproducing it. From what I can see on
 > RELENG_7 and RELENG_6 the -n flag will work the same way for IPv4
 > and IPv6. In the case that -n is set w(1) just reads from /var/run/utmp
 > and basically dumps the address that's written there.
 
 Sorry for not getting back to you before now! Had lost this email
 in a pile of about 400 others. Thanks for starting to look at the issue
 for me. I suspect you are right, and that something is back resolving the
 hostnames before writing them into the utmp file. 'last' has the same
 erreft - downs the hostnames if the resolve.
 
 > I'm wondering if you can share part of your utmp file to verify
 > that the hostname is being written in to that file rather than the
 > IPv6 address?
 
 Sure - heres todays from a 6.2-STABLE machine with the same problem
 http://toybox.twisted.org.uk/~pete/utmp.gz
 
 The login from dilbert.ticketswitch.com should be
 comming from 2002:57e0:1d4e:1:20e:cff:fedc:c380
 
 cheers,
 
 -pete.
State-Changed-From-To: open->closed 
State-Changed-By: matteo 
State-Changed-When: Ven 21 Nov 2008 04:05:35 UTC 
State-Changed-Why:  
w(1) is working as expected. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=117773 
>Unformatted:
