2.0.7pre2, utmp in particular

Richard Sharpe sharpe at ns.aus.com
Sat Mar 18 13:29:35 GMT 2000 

At 10:23 PM 3/18/00 +1030, Freddie wrote:
>>Sounds like an ifdef GLIBC20 is needed and a configure test for glibc2.0 vs
>>glibc2.1 might be needed here.
>
>I'm not sure if glibc2.1 even has utmpx.h, and I don't have access to a 
>machine running 2.1 at the moment. This is at the top of the #ifdef 
>WITH_UTMP code block:
>
><snip>
>Hints for porting:
>         o Always attempt to use programmatic interface (pututline() etc.)
>         o The "x" (utmpx/wtmpx; HAVE_UTMPX_H) seems preferable.
>
>OS status:
>         Solaris 2.x:  Tested on 2.6 and 2.7; should be OK on other flavours.
>                 T.D.Lee at durham.ac.uk
>         HPUX 9.x:  Not tested.  Appears not to have "x".
>         IRIX 6.5:  Not tested.  Appears to have "x".
><snip>
>
>I guess we'll need someone with glibc2.1 to have a look :)

Well, I have Linux systems with both glibc 2.0.7 and glibc 2.1.2. The
system with glibc 2.0.7 has /usr/include/utmp.h while the system with glibc
2.1.2 has /usr/include/utmpx.h as utmp.h

So, life is easy.

>>Hmm, first one is to access the logon script.  The second one may be to
>>access profiles or policies. Where does your logon home or logon path point
>>to? Is the client trying to access profiles?
>>
>>To track it down may require a trace, which can be obtained with tcpdump.
>
>Ok, just installed tcpdump... like to give me some instructions?

tcpdump -i eth0 -n -s 1500 -w file

run when the client is logging in will give me what I want. Then send the
resulting trace to me as an attachment (uuencoded, or some other valid
attachment) and I can look at it to see what is going on. Alternatively,
pull down Ethereal (www.zing.org) and look youself.

>(smblogin does a few things, modifies the dns entry for the machine so that 
>it's <user>.<host>.<domain>, adds their ip address to a file for squid, 
>based on their group, and writes out a login script for them. seeings as it 
>HUPs bind/squid, it sort of sucks having it do it twice, especially when 20 
>people decided to log in)
>
>Would it be possible (I know nothing of the SMB protocol) to have "login 
>exec" and "logout exec" parameters?

Well it would, but it will probably not make any difference.

>And I do remember their being a problem with it making 2 connections to 
>netlogon, but why would this give 2 utmp entries? Seems a bit odd :)

Probably because the client actually sets up two connections to the share,
and does a SMBsesssetupX in each case, which it has to do. I have not
looked, but I imagine that the utmpx code has been addedd to the
reply_sesssetupx path.

I too have seen these two connections in the past, and have been told about
them by Steve Langasek, I believe, but in recent testing was not able to
provoke the behaviour.

>freddie  smb/1    zugzug            9:08pm  0.00s 13:30    ?     -
>fossel   smb/4    grump             9:50pm  0.00s 13:30    ?     -
>freddie  smb/2    zugzug            9:08pm  0.00s 13:30    ?     -
>
>And why on earth would grump only end up having one utmp entry?
>
>> >freddie  smb/1    zugzug            9:08pm  0.00s 13:20    ?     -
>> >freddie  smb/2    zugzug            9:08pm  0.00s 13:20    ?     -
>> >
>> >
>> >Freddie
>> >
>> >
>>
>>Regards
>>-------
>>Richard Sharpe, sharpe at ns.aus.com, Master Linux Administrator :-),
>>Samba (Team member, www.samba.org), Ethereal (Team member, www.zing.org)
>>Co-author, SAMS Teach Yourself Samba in 24 Hours
>>Author: First Australian 5-day, intensive, hands-on Linux SysAdmin course
>>Author: First Australian 2-day, intensive, hands-on Samba course
>
>Answering the other person that asked about wtmp logging (replying again 
>seems like too much work), this is from the code in source/smbd/connection.c:
>
>         /* *** OK.  Appending wtmp (as distinct from overwriting utmp) has
>         me baffled.  How is it to be done? *** */
>
>I'll work on doing wtmp logging (at least for Linux, I have no idea if the 
>calls would be different on other architectures), but from what I can see, 
>these calls are the ones that we'd be after:
>
>
>SYNOPSIS
>        #include <utmp.h>
>
>        void updwtmp(const char *wtmp_file, const struct utmp *ut);
>        void logwtmp(const char *line, const char *name, const char *host);
>
>DESCRIPTION
>        updwtmp()  appends the utmp structure ut to the wtmp file.
>
>        logwtmp() constructs an utmp structure using  line,  name,
>        host,  current time and current process id.  Then it calls
>        updwtmp() to append the structure to the utmp file.
>
>AVAILABILITY
>        Both functions are available under glibc2, but  not  under
>        libc5.  However, logwtmp occurs in the old libbsd.
>
>
>*shrug*
>
>

Regards
-------
Richard Sharpe, sharpe at ns.aus.com, Master Linux Administrator :-),
Samba (Team member, www.samba.org), Ethereal (Team member, www.zing.org)
Co-author, SAMS Teach Yourself Samba in 24 Hours
Author: First Australian 5-day, intensive, hands-on Linux SysAdmin course
Author: First Australian 2-day, intensive, hands-on Samba course

More information about the samba-technical mailing list