From owner-freebsd-current Wed Nov 12 06:37:46 1997
Return-Path:
Received: (from root@localhost) by hub.freebsd.org (8.8.7/8.8.7) id GAA07294 for current-outgoing; Wed, 12 Nov 1997 06:37:46 -0800 (PST) (envelope-from owner-freebsd-current)
Received: from cs.iastate.edu (root@cs.iastate.edu [129.186.3.1]) by hub.freebsd.org (8.8.7/8.8.7) with ESMTP id GAA07281 for ; Wed, 12 Nov 1997 06:37:40 -0800 (PST) (envelope-from ghelmer@cs.iastate.edu)
Received: from popeye.cs.iastate.edu (popeye.cs.iastate.edu [129.186.3.4]) by cs.iastate.edu (8.8.7/8.8.7) with ESMTP id IAA24587; Wed, 12 Nov 1997 08:37:37 -0600 (CST)
Received: from localhost (ghelmer@localhost) by popeye.cs.iastate.edu (8.8.7/8.7.1) with SMTP id IAA03134; Wed, 12 Nov 1997 08:37:36 -0600 (CST)
X-Authentication-Warning: popeye.cs.iastate.edu: ghelmer owned process doing -bs
Date: Wed, 12 Nov 1997 08:37:34 -0600 (CST)
From: Guy Helmer
To: Sean Eric Fagan
cc: current@FreeBSD.ORG
Subject: Re: Anyone object to this login.c patch?
In-Reply-To: <199711120508.VAA01909@kithrup.com>
Message-ID:
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-current@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

On Tue, 11 Nov 1997, Sean Eric Fagan wrote:

> I need logging for failed logins, and I was unable to figure out how to get
> it without this change. It will log failures more often than the other
> would (well, I was able to get *any*, when I wasn't before).
>
> Index: login.c > =================================================================== > RCS file: /usr/cvs/src/usr.bin/login/login.c,v > retrieving revision 1.30 > diff -u -r1.30 login.c > --- login.c 1997/10/19 09:34:06 1.30 > +++ login.c 1997/11/12 05:05:54 
> @@ -502,6 +502,7 @@ > > (void)printf("Login incorrect\n"); > failures++; > + badlogin(username);

If you're going to log each failure, perhaps failures (the failure count) should be capped at 1 or badlogin() should be changed to not include the failure count in the log message.

I use the number of failures in the log file to count the number of failed login attempts on each account. Allowing the failure count to increase and logging the new failure count at each failure would make it impossible to get the true number of login failures against an account. (With the exception of the failure count problem, logging each failure would make my count of failed login attempts more accurate because, in the original code, failed login attempts were *not* logged if followed by a successful login.)

Alternatively, perhaps each individual login failure could be logged with a message that is different from the current message logged by badlogin().

FWIW, I've not had trouble getting these messages from completely unsuccessful login attempts...

Guy Helmer, Computer Science Graduate Student - ghelmer@cs.iastate.edu
Iowa State University               http://www.cs.iastate.edu/~ghelmer
Research Assistant, Scalable Computing Laboratory, Ames Laboratory
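
Review bot: the new badlogin(username) call sits directly after failures++ in the "Login incorrect" path, so it fires on every failed attempt while the counter keeps growing. If badlogin() puts the failure count in its message, as the reply above says, each session will emit a running total on every line, and anyone summing the logged counts per account will overcount. Consider giving the per-attempt case its own message without the count and leaving the counted summary message to the existing callers. The hunk does not show where badlogin() is already called, so it is also worth confirming that the last failure of a session is not reported twice, once by this new call and once by an existing one.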