From owner-freebsd-hackers  Sun Sep 14 17:36:53 1997
Return-Path: <owner-freebsd-hackers>
Received: (from root@localhost)
          by hub.freebsd.org (8.8.7/8.8.7) id RAA14816
          for hackers-outgoing; Sun, 14 Sep 1997 17:36:53 -0700 (PDT)
Received: from freebie.lemis.com (gregl1.lnk.telstra.net [139.130.136.133])
          by hub.freebsd.org (8.8.7/8.8.7) with ESMTP id RAA14787
          for <hackers@FreeBSD.ORG>; Sun, 14 Sep 1997 17:36:45 -0700 (PDT)
Received: (from grog@localhost)
	by freebie.lemis.com (8.8.7/8.8.5) id KAA17462;
	Mon, 15 Sep 1997 10:06:21 +0930 (CST)
Message-ID: <19970915100620.36991@lemis.com>
Date: Mon, 15 Sep 1997 10:06:20 +0930
From: Greg Lehey <grog@lemis.com>
To: Terry Lambert <tlambert@primenet.com>
Cc: "Jordan K. Hubbard" <jkh@time.cdrom.com>, hackers@FreeBSD.ORG
Subject: Re: Here's an interesting bug in our utmp handling.
References: <10396.874268145@time.cdrom.com> <199709142217.PAA25420@usr09.primenet.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Mailer: Mutt 0.81e
In-Reply-To: <199709142217.PAA25420@usr09.primenet.com>; from Terry Lambert on Sun, Sep 14, 1997 at 10:17:16PM +0000
Organisation: LEMIS, PO Box 460, Echunga SA 5153, Australia
Phone: +61-8-8388-8250
Fax: +61-8-8388-8250
Mobile: +61-41-739-7062
WWW-Home-Page: http://www.lemis.com/~grog
Fight-Spam-Now: http://www.cauce.org
Sender: owner-freebsd-hackers@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

On Sun, Sep 14, 1997 at 10:17:16PM +0000, Terry Lambert wrote:
>> Log in somehow (real login, xterm -ls, whatever) and verify your
>> user/[pt]ty combo by doing who(1) and tty(1) commands.  Now use
>> login(1) to log in as some other user and do the who/tty thing again.
>> You'll have a new utmp entry for the user you just logged in as.  Now
>> log out and do another who(1).  You'll have had your utmp entry
>> smashed and still show up as the user you logged in and out again as.
>>
>> Not sure how to fix this one - it's "interesting." :)
>
> Read the login man page.  Login is supposed to be exec'ed by
> the shells:
>
>      The standard shells, csh(1) and sh(1),  do not fork before executing the
>      login utility.
>
> So it is supposed to be impossible to do the "Now log out and do another
> who(1)." part of repeating the "problem".

Thanks.  That's the answer.

> If you want to become another user and return to yourself afterwards,
> use the "su" command.  Since it keeps running, it can change things
> like the utmp entry, and put it back afterwards (though it doesn't
> fiddle utmp, even when you specify "-l"; that's probably a bug, too).

Unfortunately, this isn't.  Obviously, if you can return, you sh
hasn't exec'ed login, it's forked first.  Look:

$ ps utpc
USER   PID %CPU %MEM   VSZ  RSS  TT  STAT STARTED      TIME COMMAND
grog 17431  1.3  0.3   500  288  pc  Ss   10:02AM   0:00.27 sh
grog 17441  0.0  0.3   640  276  pc  R+   10:03AM   0:00.00 ps -utpc
$ login yvonne
Password:
Last login: Mon Sep 15 10:02:36 on ttypc
Copyright (c) 1980, 1983, 1986, 1988, 1990, 1991, 1993, 1994
        The Regents of the University of California.  All rights reserved.

FreeBSD 3.0-CURRENT (FREEBIE) #26: Thu Sep 11 04:58:01 CST 1997

$ ps utpc
USER     PID %CPU %MEM   VSZ  RSS  TT  STAT STARTED      TIME COMMAND
yvonne 17442  5.3  0.9  1032  880  pc  S    10:03AM   0:00.29 -bash (bash)
grog   17431  0.5  0.3   500  288  pc  Ss   10:02AM   0:00.27 sh
yvonne 17454  0.0  0.3   640  272  pc  R+   10:03AM   0:00.00 ps -utpc

sh and bash both do this; I haven't checked csh.

I don't understand why login should ever be called interactively.  We
have su for that.

Greg