[PATCH 3/4] Send a USER_LOGIN event like other Linux login programs do.
Matěj Cepl
mcepl at redhat.com
Mon Aug 8 12:26:49 PDT 2011
https://bugzilla.redhat.com/469357
Patch by Steve Grubb <sgrubb at redhat dot com>
Signed-off-by: Matěj Cepl <mcepl at redhat.com>
---
configure.ac | 22 ++++++++++++++++++++++
greeter/greet.c | 32 ++++++++++++++++++++++++++++++++
2 files changed, 54 insertions(+), 0 deletions(-)
diff --git a/configure.ac b/configure.ac
index 0c79999..17b14fd 100644
--- a/configure.ac
+++ b/configure.ac
@@ -145,6 +145,28 @@ if test "x$USE_SELINUX" != "xno" ; then
)
fi
+AC_ARG_WITH(libaudit,
+ [ --with-libaudit=[auto/yes/no] Add Linux audit support [default=auto]],,
+ with_libaudit=auto)
+
+# Check for Linux auditing API
+#
+# libaudit detection
+if test x$with_libaudit = xno ; then
+ have_libaudit=no;
+else
+ # See if we have audit daemon library
+ AC_CHECK_LIB(audit, audit_log_user_message,
+ have_libaudit=yes, have_libaudit=no)
+fi
+
+AM_CONDITIONAL(HAVE_LIBAUDIT, test x$have_libaudit = xyes)
+
+if test x$have_libaudit = xyes ; then
+ XDMGREET_LIBS="$XDMGREET_LIBS -laudit"
+ AC_DEFINE(HAVE_LIBAUDIT,1,[linux audit support])
+fi
+
# FIXME: Find better test for which OS'es use su -m - for now, just try to
# mirror the Imakefile setting of:
# if defined(OpenBSDArchitecture) || defined(NetBSDArchitecture) || defined(FreeBSDArchitecture) || defined(DarwinArchitecture)
diff --git a/greeter/greet.c b/greeter/greet.c
index 87d2a83..7d424c9 100644
--- a/greeter/greet.c
+++ b/greeter/greet.c
@@ -86,6 +86,13 @@ from The Open Group.
# endif
#endif
+#ifdef HAVE_LIBAUDIT
+#include <libaudit.h>
+#include <pwd.h>
+#else
+#define log_to_audit_system(l,h,s) do { ; } while (0)
+#endif
+
#include <string.h>
#if defined(SECURE_RPC) && defined(sun)
@@ -415,6 +422,29 @@ FailedLogin (struct display *d, const char *username)
DrawFail (login);
}
+#ifdef USE_PAM
+#ifdef HAVE_LIBAUDIT
+static void
+log_to_audit_system(const pam_handle_t *pamhp, int success)
+{
+ struct passwd *pw = NULL;
+ char *hostname = NULL, *tty = NULL, *login=NULL;
+ int audit_fd;
+
+ audit_fd = audit_open();
+ pam_get_item(pamhp, PAM_RHOST, &hostname);
+ pam_get_item(pamhp, PAM_TTY, &tty);
+ pam_get_item(pamhp, PAM_USER, &login);
+ if (login)
+ pw = getpwnam(login);
+ audit_log_acct_message(audit_fd, AUDIT_USER_LOGIN,
+ NULL, "login", login ? login : "(unknown)",
+ pw ? pw->pw_uid : -1, hostname, NULL, tty, success);
+ close(audit_fd);
+}
+#endif
+#endif
+
_X_EXPORT
greet_user_rtn GreetUser(
struct display *d,
@@ -600,6 +630,7 @@ greet_user_rtn GreetUser(
if ((pam_error == PAM_SUCCESS) && (Verify (d, greet, verify))) {
SetPrompt (login, 1, "Login Successful", LOGIN_TEXT_INFO, False);
SetValue (login, 1, NULL);
+ log_to_audit_system(*pamhp, 1);
break;
} else {
/* Try to fill in username for failed login error log */
@@ -611,6 +642,7 @@ greet_user_rtn GreetUser(
(void *) &username));
}
FailedLogin (d, username);
+ log_to_audit_system(*pamhp, 0);
RUN_AND_CHECK_PAM_ERROR(pam_end,
(*pamhp, pam_error));
}
--
1.7.6
More information about the xorg-devel
mailing list