From cperon@staff.seccuris.com  Wed Sep  4 11:06:45 2002
Return-Path: <cperon@staff.seccuris.com>
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 225C037B400
	for <FreeBSD-gnats-submit@freebsd.org>; Wed,  4 Sep 2002 11:06:45 -0700 (PDT)
Received: from staff.seccuris.com (staff.seccuris.com [204.112.0.40])
	by mx1.FreeBSD.org (Postfix) with SMTP id 0F71843E75
	for <FreeBSD-gnats-submit@freebsd.org>; Wed,  4 Sep 2002 11:06:39 -0700 (PDT)
	(envelope-from cperon@staff.seccuris.com)
Received: (qmail 37330 invoked by uid 1006); 4 Sep 2002 18:29:57 -0000
Message-Id: <20020904182957.37329.qmail@staff.seccuris.com>
Date: 4 Sep 2002 18:29:57 -0000
From: Chris S.J.Peron <maneo@bsdpro.com>
Reply-To: Chris S.J.Peron <maneo@bsdpro.com>
To: FreeBSD-gnats-submit@freebsd.org
Cc:
Subject: syslog enhancement for the nologin shell
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         42419
>Category:       bin
>Synopsis:       syslog enhancement for the nologin shell
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Wed Sep 04 11:10:03 PDT 2002
>Closed-Date:    Sun Feb 22 06:12:29 PST 2004
>Last-Modified:  Sun Feb 22 06:12:29 PST 2004
>Originator:     Chris S.J. Peron
>Release:        FreeBSD 4.6.2-RELEASE i386
>Organization:
>Environment:
System: FreeBSD staff.seccuris.com 4.6.2-RELEASE FreeBSD 4.6.2-RELEASE #1: Tue Aug 20 16:12:25 CDT 2002 cperon@staff.seccuris.com:/usr/src/sys/compile/opcode i386


	
>Description:

	Currently nologin(8) does not support logging attempted logins
	to syslog. I have re-written a small nologin replacement (in C) which
	will log the username, tty and hostname to the system log.

	The tarball can be downloaded from http://staff.seccuris.com/~cperon/nologin.tgz
	MD5 (nologin.tgz) = d0aa5833dda56ac374060a78fb4bd064
	
	
>How-To-Repeat:

	N/A
	
>Fix:

	See description
	
	


>Release-Note:
>Audit-Trail:

From: "Chris S.J. Peron" <maneo@bsdpro.com>
To: freebsd-gnats-submit@FreeBSD.org
Cc:  
Subject: Re: bin/42419: syslog enhancement for the nologin shell
Date: Wed, 4 Sep 2002 14:55:15 -0500

 Just a couple of changes for nologin.c
 
 	1) it possible that if a user is using su to change
 	   to another user, the syslog would report the calling
 	   users login and not the login of the desired user.
 
 	   FIX: use getenv() rather the utmp
 
 	2) close utmp file descriptor
 
 --- nologin.old.c       Wed Sep  4 14:41:01 2002
 +++ nologin.c   Wed Sep  4 14:41:45 2002
 @@ -99,8 +99,9 @@
                 if (strcmp(utp->ut_line, ontty()) == 0)
                         syslog(LOG_AUTH | LOG_WARNING,
                                 "rejected login attempt for user %s %s from %s",
 -                                       utp->ut_name, ontty(), utp->ut_host);
 +                                       getenv("USER"), ontty(), utp->ut_host);
         }
 +       close(fd);
 
         return(0);
  }
 
State-Changed-From-To: open->closed 
State-Changed-By: cperciva 
State-Changed-When: Sun Feb 22 06:11:49 PST 2004 
State-Changed-Why:  
Logging has been added to /sbin/nologin. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=42419 
>Unformatted:
